Wednesday 18 February 2009

MS09-003 Updated

    Just a quick note as it appears that the recent Microsoft Security update MS09-003 has been updated. 

     

    This patch was rated as critical. The Microsoft update briefing has the following information on the change to this patch:

     

    "Reason for Revision: V2.0 (February 16, 2009): Added the Microsoft Exchange Server MAPI Client as affected software. Also, added several entries to the section, Frequently Asked Questions (FAQ) Related to This Security Update, relating to updating the MAPI Client and the Exchange System Management tools."

     

    Just in case you missed the original bulletin information, here is a re-post:

     

    MS09-003

    Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)

    Description

    This security update resolves two privately reported vulnerabilities in Microsoft Exchange Server. The first vulnerability could allow remote code execution if a specially crafted TNEF message is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could take complete control of the affected system with Exchange Server service account privileges. The second vulnerability could allow denial of service if a specially crafted MAPI command is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could cause the Microsoft Exchange System Attendant service and other services that use the EMSMDB32 provider to stop responding.

    Payload

    Cdo.dll, Emsmdb32.dll, Emsmta.exe, Exhotfixuninst.dll, Exspmsg.dll, Mapi32.dll, Mdbmsg.dll, Store.exe, Exhotfix.cdd

    Impact

    Remote Code Execution

     

     

    And it looks like a sample of the application packages that contained elements from the security update MS09-003 included:

     

    • ALPS Touch Pad Driver
    • CardScan
    • Microsoft Office XP Professional
    • Microsoft SQL Server Native Client
    • Realtek High Definition Audio Driver

     

    Hope this update does not affect anyone.

     

     
