Microsoft Security Advisory (973882): Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution – Version: 4.0
Revision Note: V4.0 (October 13, 2009): Advisory revised to add an entry in the Updates related to ATL section to communicate the release of Microsoft Security Bulletin MS09-060, “Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution.”
Summary: Security Advisory
Microsoft Security Advisory (975191): Vulnerabilities in the FTP Service in Internet Information Services – Version: 3.0
Revision Note: V3.0 (October 13, 2009): Advisory updated to reflect publication of security bulletin.
Summary: Microsoft has completed the investigation into a public report of this issue. We have released MS09-053 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-053. The vulnerabilities addressed are the IIS FTP Service DoS Vulnerability (CVE-2009-2521) and the IIS FTP Service RCE and DoS Vulnerability (CVE-2009-3023).
Microsoft Security Advisory (975497): Vulnerabilities in SMB Could Allow Remote Code Execution – Version: 2.0
Revision Note: V2.0 (October 13, 2009): Advisory updated to reflect publication of security bulletin.
Summary: Security Advisory
Microsoft Security Advisory (974926): Credential Relaying Attacks on Integrated Windows Authentication – Version: 1.0
Revision Note: V1.0 (December 8, 2009): Advisory published.
Summary: This advisory addresses the potential for attacks that affect the handling of credentials using Integrated Windows Authentication (IWA), and the mechanisms Microsoft has made available for customers to help protect against these attacks.
Microsoft Security Advisory (954157): Security Enhancements for the Indeo Codec – Version: 1.0
Revision Note: V1.0 (December 8, 2009): Advisory published.
Summary: Microsoft is announcing the availability of an update that provides security mitigations to the Indeo codec on supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003.