Microsoft Security Bulletin Summary for October 2009

Published: October 13, 2009

Version: 1.0

This bulletin summary lists security bulletins released for October 2009.

With the release of the bulletins for October 2009, this bulletin summary replaces the bulletin advance notification originally issued October 8, 2009

Bulletin Information

Executive Summaries

The following table summarizes the security bulletins for this month in order of severity.

For details on affected software, see the next section, Affected Software and Download Locations.

Bulletin ID	Bulletin Title and Executive Summary	Maximum Severity Rating and Vulnerability Impact	Restart Requirement	Affected Software
MS09-050	Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517) This security update resolves one publicly disclosed and two privately reported vulnerabilities in Server Message Block Version 2 (SMBv2). The most severe of the vulnerabilities could allow remote code execution if an attacker sent a specially crafted SMB packet to a computer running the Server service. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate from outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.	Critical Remote Code Execution	Requires restart	Microsoft Windows
MS09-051	Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682) This security update resolves two privately reported vulnerabilities in Windows Media Runtime. The vulnerabilities could allow remote code execution if a user opened a specially crafted media file or received specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.	Critical Remote Code Execution	May require restart	Microsoft Windows
MS09-052	Vulnerability in CWindows Media Player Could Allow Remote Code Execution (974112) This security update resolves a privately reported vulnerability in Windows Media Player. The vulnerability could allow remote code execution if a specially crafted ASF file is played using Windows Media Player 6.4. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.	Critical Remote Code Execution	May require restart	Microsoft Windows

Vea las demás vulnerabilidades que este boletín contempla, en la página:

http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx


Más y más vulnerabilidades en Windows. Parece que cada vez se encuentran nuevos problemas de seguridad en el sistema operativo de microsoft y lo que es más impresionante es que por lo menos las más críticas ya tienen exploits disponibles y quizá lo interesante y recreativo sería encontrarlo y comprobar cómo es que se puede ejecutar código remotamente. Lo mal es que muchas de estas vulnerabilidades aplican para windows 7, aunque en la página de Microsoft no lo diga....Si ven en la sección Exploitability Index, Bulletin ID MS09-050 y CVE ID CVE-2009-3103 y dan clic en los dos vínculos, se van a dar cuenta de lo que digo, en el 1°, dice que windows 7 no es afectado y en el 2° dice lo contrario....a quien creerle???? Definitivamente creo que es más confiable el National Vulnerability Database.....