News Stay informed about the latest enterprise technology news and product updates.

Patch Tuesday Apr 09: 8 Patches, 23 Vulnerabilities, Plenty of Vista Elements

Patch Tuesday items hit yesterday between 1:00 and 1:30 PM Central Daylight Time on servers that I could see. The MS09-April Bulletin Summary from Microsoft covers all the details, but here’s what I hope is a good overview and synopsis of what you’ll find therein. Interestingly, none of this stuff is reflected in updates pushed (or rather, not pushed) for the Windows 7 beta now underway. I’m guessing that MS doesn’t patch betas the same way it does production code, and is probably seeking to avoid additional release cycles.

Here’s a table for the 8 security bulletins published for the patches/fixes/updates pushed yesterday, in bulletin order. The ID/Link column provides the standard MS security bulletin IDs, which range from MS09-009 through MS09-016 for this month; Critical updates are bolded, Important ones in italics, Moderate in plain text. The Title column repeats the Microsoft bulletin title verbatim with the related KB article number in parentheses trailing, while Vulnerabilities data take the form n/m where n is the number of public vulnerabilities addressed, and m the number of private ones addressed, by a bulletin. SW Affected lists the OSes and applications affected; where Windows is bolded, Vista is included.

April 2009 Security Bulletins
ID/Link Title Vulnerabilities SW Affected
MS09-009 Vulnerabilities in Microsoft Office Excel Could Cause Remote Code Execution (968557)           1/1 Office 2000-2007
MS09-010 Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)           2/2 Windows, Office 2000-2007
MS09-011 Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373)           0/1 Windows
MS09-012 Vulnerabilities in Windows Could Allow Elevation of Privilege (959454)           4/0 Windows
MS09-013 Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803)           1/2 Windows
MS09-014 Cumulative Security Update for Internet Explorer (963027)           4/2 IE6 and IE7, including Vista
MS09-015 Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)           1/0 Windows
MS09-016 Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway (Medium Business Edition) Could Cause Denial of Service (961759)           1/1 ISA & ForeFront Security

Only the items with Vista explicitly mentioned or with Windows in bold will be of interest to those who manage only Vista desktops. As usual, I include everything because few people on the job are actually in that position and must usually also manage updates for other MS platforms and applications as well. Time to get patchin!

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.