Microsoft Updates for Multiple Vulnerabilities

Original release date: December 08, 2009
Last revised: --
Source: US-CERT

Systems Affected

• Microsoft Windows and Windows Server
• Microsoft Internet Explorer
• Microsoft Office Word, Works, and Project

Overview

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Windows Server, Internet Explorer, and Microsoft Office.

I. Description

Microsoft has released multiple security bulletins for critical vulnerabilities in Microsoft Windows, Windows Server, Internet Explorer, and Microsoft Office. These bulletins are described in the Microsoft Security Bulletin Summary for December 2009.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code, gain elevated privileges, or cause a vulnerable application to crash.

III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for December 2009. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).

IV. References

• Microsoft Security Bulletin Summary for December 2009 - <http://www.microsoft.com/technet/security/bulletin/MS09-dec.mspx>
• Windows Server Update Services (WSUS) - <http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>

---

Feedback can be directed to US-CERT.

---

Produced 2009 by US-CERT, a government organization. Terms of use

Revision History

December 08, 2009: Initial release