Microsoft Security Bulletin Summary for July 2009 in Security http://www.dslreports.com/forum/r22706306 en Wed, 10 Feb 2010 05:08:22 EDT Wed, 10 Feb 2010 05:08:22 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22731816 antdude :
said by BurntCricket See Profile :

I have not had a "modern" MS OS since 98SE was new(I am using Vista now), so I have a question, is it usual for MS to release updates and patches what seems to be every few days ?
Every second Tuesday of each month unless emergencies. Sometimes, I see updates in the fourth Tuesdays of each month too but that's rare.
--
Ant @ »antfarm.ma.cx and »aqfl.net. Please do not IM/e-mail me for technical support. Use the forum! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer]]> http://www.dslreports.com/forum/remark,22731816 Sun, 19 Jul 2009 01:51:35 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22730693 BurntCricket : I have not had a "modern" MS OS since 98SE was new(I am using Vista now), so I have a question, is it usual for MS to release updates and patches what seems to be every few days ?
--
It is better to have it and not need it, than to need it and not have it.]]> http://www.dslreports.com/forum/remark,22730693 Sat, 18 Jul 2009 19:42:57 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22730642 NICK ADSL UK : Microsoft® Windows® Malicious Software Removal Tool (KB890830) x64
Brief Description
This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

»www.microsoft.com/downloads/deta···ylang=en
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security

]]> http://www.dslreports.com/forum/remark,22730642 Sat, 18 Jul 2009 19:27:12 EDT The Unpatched Vulnerability http://www.dslreports.com/forum/remark,22719741 altermatt : Just a reminder that according to Network World Security Alert, a critical zero-day hole in another ActiveX control remains unpatched. " The flaw involving an Office-installed ActiveX control allows for drive-by-download attacks, but can be mitigated by running a quick Fix-it download." »www.networkworld.com/news/2009/0···09-07-16

The "fix-it" download to work around this vulnerability until a patch is issued is here:
»support.microsoft.com/kb/973472
This has already been posted in another thread »Vulnerability in Microsoft Office Web Components... but thought it might also belong here.
--
The truth of a thing is the feel of it, not the think of it. -- Stanley Kubrick]]> http://www.dslreports.com/forum/remark,22719741 Thu, 16 Jul 2009 18:36:17 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22717971 altermatt : As always, thanks! I had previously applied the "fix it" from MS, and was still offered the Active X killbit patch but not the other (Direct Show?). Grabbed the following on one XP Pro machine with no ill effects so far (I don't do the MST and am holding off on IE8 for now):

[att=1]
--
The truth of a thing is the feel of it, not the think of it. -- Stanley Kubrick
Click for full size
]]> http://www.dslreports.com/forum/remark,22717971 Thu, 16 Jul 2009 13:10:36 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22717654 Libra : Hi jabarnut,

I think the computer is okay too.

Thank you for the link regarding MBSA. I had the previous version and looking over this page reminded me of why I never installed this version.

Sincerely, Libra]]> http://www.dslreports.com/forum/remark,22717654 Thu, 16 Jul 2009 12:19:45 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22716875 jabarnut : Sounds to me like you're in good shape, Libra.
Now, have a little fun and don't worry about it anymore. ;)

By the way, here is the FAQ page for the MBSA Including "required" services...(under "System Requirements")
»technet.microsoft.com/en-us/secu···922.aspx

Can't hurt to give it a shot. Although, I must say..even though I've generally had it around for ages (and try to always have the latest version), I rarely run it.

Until this thread, I forgot I even had it installed.
--
I had a life once.....now I have a Computer and a Modem.]]> http://www.dslreports.com/forum/remark,22716875 Thu, 16 Jul 2009 09:58:44 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22714168 gugarci :
said by Mele20 See Profile :

Eset "warmed" you? How nice. Were you cold? :p ;) :D
Yes I was. I forgot to adjust the temperature on the A/C before I went to bed. :D ]]> http://www.dslreports.com/forum/remark,22714168 Wed, 15 Jul 2009 19:02:28 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22713116 Libra : Thank you everyone for your replies about Fix it and MS09-028. I just went to updates on XP and was offered MS09-028, MS09-029 and the software removal tool.

I don't know if I did the right thing or not, but I didn't remove the fix. I just installed the updates. After re-reading this thread I looked at the manifest for kb971633 and I do have the correct quartz.dll file installed.

If I decide to install MBSA does anyone know what services are required? I think I disabled a service or two that it requires.

EDIT: I called 866-MSSAFETY and spoke with an XP technician. He advised me that I can leave the fix it and apply the update.

Jabarnaut: You had the same experience as I did, with the exception that I applied both fix its. I did not receive an update for the Active X (MS09-032) vulnerability, but did receive the update for the Direct Show (MS09-028) vulnerability even though I had applied that fix it too.

Sincerely, Libra]]> http://www.dslreports.com/forum/remark,22713116 Wed, 15 Jul 2009 16:00:29 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22712630 jaykaykay : Thanks, Nick, and all the rest who responded. I didn't want to do anything before coming here to see how things were installing. I want to make sure the puter is running well before I go off to have my spine operated on, and updates are an integral part of of that running well. I will now go get 'em and install. Thanks again, all.]]> http://www.dslreports.com/forum/remark,22712630 Wed, 15 Jul 2009 14:45:15 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22711945 jabarnut : I just ran the MBSA (as well as Belarc), on both computers in question...(the one with the "manual fix", as well as the Computer that installed the "patch" from "patch Tues" via MS update), and it appears I'm all set.

I'm not entirely sure precisely how all of this "stuff" works either, but I'm not going to worry about it at this point. ;)

(Edit) By the way, the screenshots posted above are from the machine where I applied the "manual fix", a week or so ago, but the other machine produced the same results.
--
I had a life once.....now I have a Computer and a Modem.
]]> http://www.dslreports.com/forum/remark,22711945 Wed, 15 Jul 2009 12:53:48 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22711715 Fickey : Someone smarter than me will have to get into details about fixes vs patches & what's applied, but running the MBSA from Nick's OP should be definitive on any missing updates. The MBSA checks for the actual existence of a patch/fix, but I believe Windows Update & Microsoft Update only check for registry keys indicating if a patch/fix was applied, missing whether or not the patch/fix was successful, overwritten, etc.
--
Nationalized healthcare? Name one government entity that isn't rife with bureaucratic waste & inefficiency!]]> http://www.dslreports.com/forum/remark,22711715 Wed, 15 Jul 2009 12:13:48 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22711546 jabarnut : I noticed on my machine where I used the "fix' a while back (last week or whenever it was), was not offered this update through MS Update, whereas the one I never bothered to "fix" was. (I run MS Update manually).

So, I'm assuming the earlier "fix" applied the same "fix" (and thus the reason it didn't come up as a critical update on that particular machine).

Therefore, no need to remove it if you did it manually earlier...you should be all set. (Reply really intended for Libra)

(Someone can correct me if I'm wrong though...it often happens). ;)

(Edit) Did that make any sense? :huh: :D
--
I had a life once.....now I have a Computer and a Modem.]]> http://www.dslreports.com/forum/remark,22711546 Wed, 15 Jul 2009 11:47:40 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22711449 trparky : I'm going to assume so. All that Fix It! thing did was disable the ActiveX module using a killbit, it didn't actually fix the issue by patching the vulnerability; it only put a bandaid over a wound.
--
Tom]]> http://www.dslreports.com/forum/remark,22711449 Wed, 15 Jul 2009 11:35:38 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22711237 Libra : Re Windows XPsp3:

I'm confused about MS09-028 re the direct show vulnerability. I applied the Fix it for this. Will I be offered 971633 and, if so, should I remove the fix it before applying the update?

Thank you.

Sincerely, Libra]]> http://www.dslreports.com/forum/remark,22711237 Wed, 15 Jul 2009 11:02:22 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22711105 amysheehan : Thanks Nick !!

And YES, a reboot was necessary with Vista. :)]]> http://www.dslreports.com/forum/remark,22711105 Wed, 15 Jul 2009 10:39:01 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22711080 Libra : I have Vista sp1 and had to reboot.

Sincerely, Libra]]> http://www.dslreports.com/forum/remark,22711080 Wed, 15 Jul 2009 10:36:06 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22710957 LadyL : Yes...which doesn't bother me at all...whenever I have to reboot from the WU installs - which takes maybe 10 minutes (never really timed it, just an estimate ;) ) , I just go get a cup of coffee or whatever :)
--
Lonnie]]> http://www.dslreports.com/forum/remark,22710957 Wed, 15 Jul 2009 10:14:55 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22710950 antiphishing :
said by La Luna See Profile :

Thanks Nick. Got the updates last night. No reboot needed with XP.
Reboot is required with Vista Service pack 1. (32 bit)

I guess you have to activate the Active-X kill bits in Microsoft Vista :p

But then again, if you don't use Internet Explorer, then why do have to install the update in the first place. Oh the irony !
--

Specializing in "takes downs" of phishing and advance fee scams
Send your Phishing/Advance fee scams to: phish@antihotmail.com
»www.phishtank.com
»www.fraudwatchers.org
»mozilla.com
]]> http://www.dslreports.com/forum/remark,22710950 Wed, 15 Jul 2009 10:13:18 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22710673 La Luna : Thanks Nick. Got the updates last night. No reboot needed with XP. ]]> http://www.dslreports.com/forum/remark,22710673 Wed, 15 Jul 2009 09:08:06 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22710656 Mele20 : Eset "warmed" you? How nice. Were you cold? :p ;) :D]]> http://www.dslreports.com/forum/remark,22710656 Wed, 15 Jul 2009 09:04:22 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22710448 gugarci : I woke up this morning and Eset warmed me about the updates before Windows. I'll install them later today after work. But will monitor threads for problems like I always do first.]]> http://www.dslreports.com/forum/remark,22710448 Wed, 15 Jul 2009 07:57:19 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22710350 Mele20 : I did the fixit for KB973346 but I got the patch also. I don't use WU though. I just read the bulletin and KB article and then fetched each patch from Windows Download site.

I got four patches on XP Pro SP2. Of course, I didn't get that malicious software removal tool...my fourth patch was the one for VPC 2007.

I didn't have to reboot!
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason]]> http://www.dslreports.com/forum/remark,22710350 Wed, 15 Jul 2009 07:07:13 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22710075 Dustyn : Yeah that was weird that it required no reboot!??
XP64]]> http://www.dslreports.com/forum/remark,22710075 Wed, 15 Jul 2009 02:49:37 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22707790 OverModded :
said by trparky See Profile :

Anybody having to reboot on Vista?
Yes

»Re: Microsoft Security Bulletin Summary for July 2009
--
My BLOG .. .. Internet News .. .. My Web Page]]> http://www.dslreports.com/forum/remark,22707790 Tue, 14 Jul 2009 17:20:26 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22707669 trparky : Anybody having to reboot on Vista?
--
Tom]]> http://www.dslreports.com/forum/remark,22707669 Tue, 14 Jul 2009 16:57:00 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22707615 antdude : Absolutely no reboot for my XP (SP2 and SP3) and 2000 SP4! Wow!!!]]> http://www.dslreports.com/forum/remark,22707615 Tue, 14 Jul 2009 16:47:05 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22707313 Pentangle : Thank you Nick.]]> http://www.dslreports.com/forum/remark,22707313 Tue, 14 Jul 2009 15:52:29 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22707193 lrmayer : I did not get KB973346 offered. However, note if one applied KB972890 -- either the "Fixit" or manual workaround, then KB973346 will not be offered for Windows XP -- or applied.

Also note if one disables the "Fixit" then KB973346 will still NOT be subsequently offered. Read the FAQ's in the bulletin for further information.]]> http://www.dslreports.com/forum/remark,22707193 Tue, 14 Jul 2009 15:32:18 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22707133 dadkins : Thanks Nick! :)]]> http://www.dslreports.com/forum/remark,22707133 Tue, 14 Jul 2009 15:22:41 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22707068 MarkAW : Thanks Nick four updates for my XP SP3 systems.
Click for full size
]]> http://www.dslreports.com/forum/remark,22707068 Tue, 14 Jul 2009 15:12:48 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22706819 tomazyk : Thanks for posting.

On Windows7 I had only ActiveX Killbits and Outlook 2003 junk email filter. No MSRT. Doesn't Windows7 install MSRT or are definitions included in Windows defender definition release?]]> http://www.dslreports.com/forum/remark,22706819 Tue, 14 Jul 2009 14:32:40 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22706751 antiphishing :
said by NICK ADSL UK See Profile :

Microsoft Security Bulletin Summary for july 2009

Microsoft Security Bulletin Summary for july 2009
Published: july 14 2009

Thanks for posting this, looks like I have two updates to install. :hmm:
--

Specializing in "takes downs" of phishing and advance fee scams
Send your Phishing/Advance fee scams to: phish@antihotmail.com
»www.phishtank.com
»www.fraudwatchers.org
»mozilla.com
]]> http://www.dslreports.com/forum/remark,22706751 Tue, 14 Jul 2009 14:21:11 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22706552 jabarnut : Like clockwork...as always, Nick. ;)

Thanks for the heads up..all seems well here.
--
I had a life once.....now I have a Computer and a Modem.]]> http://www.dslreports.com/forum/remark,22706552 Tue, 14 Jul 2009 13:49:19 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22706386 DrDemento : I got 971633, 961371, 890830, and 973346 on all three XP machines today. No restart was required. All installed without incident.]]> http://www.dslreports.com/forum/remark,22706386 Tue, 14 Jul 2009 13:22:12 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22706357 OverModded : My 2 Vista Sp2 32 bit systems applied the following fixes. A reboot was necessary.

[att=1]

And my Windows 7 RC 32 bit system applied 1 fix. No reboot needed:
[att=2]

So far, all systems running normally. No problems seen.
Click for full size
Click for full size
]]> http://www.dslreports.com/forum/remark,22706357 Tue, 14 Jul 2009 13:16:50 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22706353 danny9 : Thanks for posting Nick. :)]]> http://www.dslreports.com/forum/remark,22706353 Tue, 14 Jul 2009 13:16:18 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22706339 NICK ADSL UK : Microsoft® Windows® Malicious Software Removal Tool (KB890830)
Brief Description
This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.
»www.microsoft.com/downloads/deta···ylang=en

New Additions

We have added detection and cleaning capabilities for the following malicious software:

FakeSpypro
»www.microsoft.com/security/porta···keSpypro
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security

]]> http://www.dslreports.com/forum/remark,22706339 Tue, 14 Jul 2009 13:12:08 EDT Re: Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22706321 NICK ADSL UK : TechNet Webcast: Information About Microsoft July Security Bulletins (Level 200)
Event ID: 1032407482

Language(s): English.
Product(s): Security.
Audience(s): IT Professional.

Duration: 90 Minutes
Start Date: Wednesday, July 15, 2009 11:00 AM Pacific Time (US & Canada)

Event Overview

On July 15, 2009, Microsoft releases its monthly security bulletins. Join us for a brief overview of the technical details of the July security bulletins. We intend to address your concerns in this webcast, therefore, most of the webcast is devoted to attendees asking questions about the bulletins and getting answers from Microsoft security experts.

Presenters: Christopher Budd, Trustworthy Computing Senior Public Relations Manager, Microsoft Corporation and Adrian Stone, Senior Security Program Manager Lead, Microsoft Corporation

Register now for the july security bulletin webcast.
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security

]]> http://www.dslreports.com/forum/remark,22706321 Tue, 14 Jul 2009 13:09:46 EDT Microsoft Security Bulletin Summary for July 2009 http://www.dslreports.com/forum/remark,22706306 NICK ADSL UK : Microsoft Security Bulletin Summary for july 2009

Microsoft Security Bulletin Summary for july 2009
Published: july 14 2009

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Today Microsoft released the following Security Bulletin(s).

Bulletin Summary:

»www.microsoft.com/technet/securi···jul.mspx

Critical (3)
Microsoft Security Bulletin MS09-032 - Critical
Cumulative Security Update of ActiveX Kill Bits (973346)
Published: July 14, 2009
»www.microsoft.com/technet/securi···032.mspx

Microsoft Security Bulletin MS09-029 - Critical
Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution (961371)
Published: July 14, 2009
»www.microsoft.com/technet/securi···029.mspx

Microsoft Security Bulletin MS09-028 - Critical
Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution (971633)
Published: July 14, 2009
»www.microsoft.com/technet/securi···028.mspx

Important (3)

Microsoft Security Bulletin MS09-033 - Important
Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (969856)
Published: July 14, 2009
»www.microsoft.com/technet/securi···033.mspx

Microsoft Security Bulletin MS09-031 - Important
Vulnerability in Microsoft ISA Server 2006 Could Cause Elevation of Privilege (970953)
Published: July 14, 2009
»www.microsoft.com/technet/securi···031.mspx

Microsoft Security Bulletin MS09-030 - Important
Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (969516)
Published: July 14, 2009
»www.microsoft.com/technet/securi···030.mspx
Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security

]]> http://www.dslreports.com/forum/remark,22706306 Tue, 14 Jul 2009 13:07:48 EDT