January 2009 - Posts
Received from Microsoft on January 13, 2009 at 2:58 pm CST:
********************************************************************
Microsoft Security Bulletin Summary for January 2009
Issued: January 13, 2009
********************************************************************
This bulletin summary lists security bulletins released for January 2009.
The full version of the Microsoft Security Bulletin Summary for January 2009 can be found at http://www.microsoft.com/technet/security/bulletin/ms09-jan.mspx.
With the release of the bulletins for January 2009, this bulletin summary replaces the bulletin advance notification originally issued on January 8, 2009. For more information about the bulletin advance notification service, see http://www.microsoft.com/technet/security/Bulletin/advance.mspx.
To receive automatic notifications whenever Microsoft Security Bulletins are issued, subscribe to Microsoft Technical Security Notifications on http://www.microsoft.com/technet/security/bulletin/notify.mspx.
Microsoft will host a webcast to address customer questions on these bulletins on Wednesday, January 14, 2009, at 11:00 AM Pacific Time (US & Canada). Register for the January Security Bulletin Webcast at http://www.microsoft.com/technet/security/bulletin/summary.mspx.
Microsoft also provides information to help customers prioritize monthly security updates with any non-security, high-priority updates that are being released on the same day as the monthly security updates. Please see the section, Other Information.
Critical Security Bulletins
===========================
Microsoft Security Bulletin MS09-001
- Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2 and
Windows XP Service Pack 3
- Windows XP Professional x64 Edition and
Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 1 and
Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition and
Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP1 for Itanium-based Systems and
Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista and
Windows Vista Service Pack 1
- Windows Vista x64 Edition and
Windows Vista x64 Edition Service Pack 1
- Windows Server 2008 for 32-bit Systems
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for x64-based Systems
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for Itanium-based Systems
- Impact: Remote Code Execution
- Version Number: 1.0
Received from Microsoft January 13, 2009 at 1:29 PM CST:
********************************************************************
Title: Microsoft Security Bulletin Minor Revisions
Issued: January 13, 2009
********************************************************************
Summary
=======
The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.
* MS08-066 - Important
* MS08-037 - Important
Bulletin Information:
=====================
* MS08-066 - Important
- http://www.microsoft.com/technet/security/bulletin/ms08-066.mspx
- Reason for Revision: V1.1 (January 13, 2009): Added an entry to
the section, Frequently Asked Questions (FAQ) Related to this
Security Update, explaining this revision as a detection
change for this security update. The corrected detection
offers the security update to affected systems that
previously were not offered this security update. Customers
who have successfully updated their systems do not need to
reinstall this update.
- Originally posted: October 14, 2008
- Updated: January 13, 2009
- Bulletin Severity Rating: Important
- Version: 1.1
* MS08-037 - Important
- http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx
- Reason for Revision: V2.3 (January 13, 2009): Added a new entry
to the Frequently Asked Questions (FAQ) Related to This
Security Update section to communicate the fix to a detection
and deployment issue with Windows XP Service Pack 3. There
were no changes to the binaries or packages for this update.
Customers who have successfully updated their systems do not
need to reinstall this update.
- Originally posted: July 8, 2008
- Updated: January 13, 2009
- Bulletin Severity Rating: Important
- Version: 2.3
Received from Microsoft - January 7, 2009 7:05 PM CST
********************************************************************
Title: Microsoft Security Bulletin Minor Revisions
Issued: January 7, 2009
********************************************************************
Summary
=======
The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.
* MS08-072 - Critical
Bulletin Information:
=====================
* MS08-072 - Critical
- http://www.microsoft.com/technet/security/bulletin/ms08-072.mspx
- Reason for Revision: V1.2 (January 7, 2009): Removed Microsoft
Office Word Viewer 2003 from the Affected Software table.
Also, added an entry to the section, Frequently Asked
Questions (FAQ) Related to This Security Update, pertaining
to Microsoft Office Word Viewer 2003 and Microsoft Office
Word Viewer 2003 Service Pack 3. This is an informational
change only. There were no changes to the security update binaries.
- Originally posted: December 9, 2008
- Updated: January 7, 2009
- Bulletin Severity Rating: Critical
- Version: 1.2