April 2009 Patch Tuesday Release

[Peaches]

April 2009 Patch Tuesday Release

by Roderick Ordoñez (Technical Communications)

Microsoft released a total of 8 patches last April 14, comprising of 5 critical, 2 moderate, and 1 important update for the Windows OS. More information on the said patches are given below:

• (MS09-009) Vulnerabilities in Microsoft Office Excel Could Cause Remote Code Execution (968557)

• (MS09-010} Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)

• (MS09-011) Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373)

• (MS09-012) Vulnerabilities in Windows Could Allow Elevation of Privilege (959454)

• (MS09-013) Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803)

• (MS09-014) Cumulative Security Update for Internet Explorer (963027)

• (MS09-015) Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)

• (MS09-016) Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway (Medium Business Edition) Could Cause Denial of Service (961759)

This set of patches addresses the vulnerabilities exploited in the attacks discussed in the blog entries A Wordpad of Caution and Another Exploit This Time on MS Excel.

However, this batch still does not address the most recent PowerPoint exploit.

Users are advised to install the patches immediately. More information about this release could be read at our Security Advisories page.

TrendMicro - http://blog.trendmicro.com/