[MS Security] Bulletin Summary for December 2009 - Issued: December 8, 2009

This bulletin summary lists security bulletins released for
December 2009.

The full version of the Microsoft Security Bulletin Summary for
December 2009 can be found at
http://www.microsoft.com/technet/security/bulletin/ms09-dec.mspx.

With the release of the bulletins for December 2009, this bulletin
summary replaces the bulletin advance notification originally issued
on December 3, 2009. For more information about the bulletin
advance notification service, see
http://www.microsoft.com/technet/security/Bulletin/advance.mspx.

To receive automatic notifications whenever Microsoft Security
Bulletins are issued, subscribe to Microsoft Technical Security
Notifications on
http://www.microsoft.com/technet/security/bulletin/notify.mspx.

Microsoft will host a webcast to address customer questions on
these bulletins on Wednesday, December 9, 2009,
at 11:00 AM Pacific Time (US & Canada). Register for the
Security Bulletin Webcast at
http://www.microsoft.com/technet/security/bulletin/summary.mspx.

Microsoft also provides information to help customers prioritize
monthly security updates with any non-security, high-priority
updates that are being released on the same day as the monthly
security updates. Please see the section, Other Information.

Critical Security Bulletins
Microsoft Security Bulletin MS09-071
  - Affected Software:
    - Microsoft Windows 2000 Service Pack 4
    - Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Windows XP Professional x64 Edition Service Pack 2
    - Windows Server 2003 Service Pack 2
    - Windows Server 2003 x64 Edition Service Pack 2
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Vista,
      Windows Vista Service Pack 1, and
      Windows Vista Service Pack 2
    - Windows Vista x64 Edition,
      Windows Vista x64 Edition Service Pack 1, and
      Windows Vista x64 Edition Service Pack 2
    - Windows Server 2008 for 32-bit Systems and
      Windows Server 2008 for 32-bit Systems Service Pack 2
      (Windows Server 2008 Server Core installation not affected)
    - Windows Server 2008 for x64-based Systems and
      Windows Server 2008 for x64-based Systems Service Pack 2
      (Windows Server 2008 Server Core installation not affected)
    - Windows Server 2008 for Itanium-based Systems and
      Windows Server 2008 for Itanium-based Systems Service Pack 2
    - Impact: Remote Code Execution
    - Version Number: 1.0

Microsoft Security Bulletin MS09-074
  - Affected Software:
    - Microsoft Project 2000 Service Release 1
    - Microsoft Project 2002 Service Pack 1
    - Microsoft Office Project 2003 Service Pack 3
    - Impact: Remote Code Execution
    - Version Number: 1.0

Microsoft Security Bulletin MS09-072
  - Affected Software:
    - Internet Explorer 5.01 Service Pack 4 when installed on
      Microsoft Windows 2000 Service Pack 4
    - Internet Explorer 6 Service Pack 1 when installed on
      Microsoft Windows 2000 Service Pack 4
    - Internet Explorer 6 for
      Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Internet Explorer 6 for
      Windows XP Professional x64 Edition Service Pack 2
    - Internet Explorer 6 for
      Windows Server 2003 Service Pack 2
    - Internet Explorer 6 for
      Windows Server 2003 x64 Edition Service Pack 2
    - Internet Explorer 6 for
      Windows Server 2003 with SP2 for Itanium-based Systems
    - Internet Explorer 7 for
      Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Internet Explorer 7 for
      Windows XP Professional x64 Edition Service Pack 2
    - Internet Explorer 7 for
      Windows Server 2003 Service Pack 2
    - Internet Explorer 7 for
      Windows Server 2003 x64 Edition Service Pack 2
    - Internet Explorer 7 for
      Windows Server 2003 with SP2 for Itanium-based Systems
    - Internet Explorer 7 in
      Windows Vista,
      Windows Vista Service Pack 1, and
      Windows Vista Service Pack 2
    - Internet Explorer 7 in
      Windows Vista x64 Edition,
      Windows Vista x64 Edition Service Pack 1, and
      Windows Vista x64 Edition Service Pack 2
    - Internet Explorer 7 in
      Windows Server 2008 for 32-bit Systems and
      Windows Server 2008 for 32-bit Systems Service Pack 2
      (Windows Server 2008 Server Core installation not affected)
    - Internet Explorer 7 in
      Windows Server 2008 for x64-based Systems and
      Windows Server 2008 for x64-based Systems Service Pack 2
      (Windows Server 2008 Server Core installation not affected)
    - Internet Explorer 7 in
      Windows Server 2008 for Itanium-based Systems and
      Windows Server 2008 for Itanium-based Systems Service Pack 2
    - Internet Explorer 8 for
      Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Internet Explorer 8 for
      Windows XP Professional x64 Edition Service Pack 2
    - Internet Explorer 8 for
      Windows Server 2003 Service Pack 2
    - Internet Explorer 8 for
      Windows Server 2003 x64 Edition Service Pack 2
    - Internet Explorer 8 in
      Windows Vista,
      Windows Vista Service Pack 1, and
      Windows Vista Service Pack 2
    - Internet Explorer 8 in
      Windows Vista x64 Edition,
      Windows Vista x64 Edition Service Pack 1, and
      Windows Vista x64 Edition Service Pack 2
    - Internet Explorer 8 in
      Windows Server 2008 for 32-bit Systems and
      Windows Server 2008 for 32-bit Systems Service Pack 2
      (Windows Server 2008 Server Core installation not affected)
    - Internet Explorer 8 in
      Windows Server 2008 for x64-based Systems and
      Windows Server 2008 for x64-based Systems Service Pack 2
      (Windows Server 2008 Server Core installation not affected)
    - Internet Explorer 8 in
      Windows 7 for 32-bit Systems
    - Internet Explorer 8 in
      Windows 7 for x64-based Systems
    - Internet Explorer 8 in
      Windows Server 2008 R2 for x64-based Systems
      (Windows Server 2008 R2 Server Core installation not affected)
    - Internet Explorer 8 in
      Windows Server 2008 R2 for Itanium-based Systems
    - Impact: Remote Code Execution
    - Version Number: 1.0

Important Security Bulletins
Microsoft Security Bulletin MS09-069
  - Affected Software:
    - Microsoft Windows 2000 Service Pack 4
    - Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Windows XP Professional x64 Edition Service Pack 2
    - Windows Server 2003 Service Pack 2
    - Windows Server 2003 x64 Edition Service Pack 2
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Impact: Denial of Service
    - Version Number: 1.0

Microsoft Security Bulletin MS09-070
  - Affected Software:
    - Windows Server 2003 Service Pack 2
      (Only affected when updated with Windows Server 2003 R2)
    - Windows Server 2003 x64 Edition Service Pack 2
      (Only affected when updated with Windows Server 2003 R2
      x64 Edition)
    - Windows Server 2008 for 32-bit Systems and
      Windows Server 2008 for 32-bit Systems Service Pack 2
      (Windows Server 2008 Server Core installation not affected)
    - Windows Server 2008 for x64-based Systems and
      Windows Server 2008 for x64-based Systems Service Pack 2
      (Windows Server 2008 Server Core installation not affected)
    - Impact: Remote Code Execution
    - Version Number: 1.0

Microsoft Security Bulletin MS09-073
  - Affected Software:
    - Microsoft Windows 2000 Service Pack 4
    - Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    - Windows XP Professional x64 Edition Service Pack 2
    - Windows Server 2003 Service Pack 2
    - Windows Server 2003 x64 Edition Service Pack 2
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Microsoft Office Word 2002 Service Pack 3
    - Microsoft Office Word 2003 Service Pack 3
    - Microsoft Works 8.5
    - Microsoft Office Converter Pack
    - Impact: Remote Code Execution
    - Version Number: 1.0

Read the complete post at http://wmug.co.uk/blogs/cliffs_blog/archive/2009/12/09/ms-security-bulletin-summary-for-december-2009-issued-december-8-2009.aspx

Published Wednesday, December 09, 2009 5:42 AM by Cliff Hobbs - FAQShop.com and Microsoft MVP ConfigMgr/ SMS