Patch Tuesday Wednesday (NOV-2009)

This month we have six (6) new security bulletins, a restart will be required.

Today, we released six security bulletins addressing a total of 15 vulnerabilities. Four affect Windows and Windows Server and two affect Microsoft Office products (Excel and Word). [1]

Bulletin	KB number	Description	Severity	Impact	Software
MS09-63	973565	Vulnerability in Web Services on Devices API Could Allow Remote Code Execution	Remote Code Execution	Critical	Microsoft Windows
MS09-064	974783	Vulnerability in License Logging Server Could Allow Remote Code Execution	Remote Code Execution	Critical	Microsoft Windows
MS09-065	969947	Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution	Remote Code Execution	Critical	Microsoft Windows
MS09-066	973309	Vulnerability in Active Directory Could Allow Denial of Service	Denial of Service	Important	Microsoft Windows
MS09-067	972652	Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution	Remote Code Execution	Important	Microsoft Office
MS09-068	976307	Vulnerability in Microsoft Office Word Could Allow Remote Code Execution	Remote Code Execution	Important	Microsoft Office

MS are also re-releasing MS09-045 and MS09-051

For this month:
A number of Remote Code Execution vulnerabilities for this month.

PATCH NOW:
NOW: MS09-063, MS09-065, MS09-067 and MS09-068

LINKS:
[1.] November 2009 Security Bulletin Release (2009-Nov-10) [MS: MSRC]
[2.] Microsoft November Black Tuesday Overview (2009-Nov-10) [SANS]
[3.] Microsoft Security Bulletin Summary for November 2009 (2009-Nov-10) [MS]
[4.] Microsoft security updates for November 2009 (2009-Nov-10) [MS]
[5.] Details on the License Logging Service vulnerability (2009-Nov-10) [MS: SR&D]
[6.] Vulnerability in Web Services on Devices (WSD) API (2009-Nov-10) [MS: SR&D]
[7.] Font Directory Entry Parsing Vulnerability In win32k.sys (2009-Nov-10) [MS: SR&D]

CRP09-068