Microsoft & Adobe’s – October 2009 Security Update(s)

October’s Patch Tuesday has been and gone, and Microsoft’s update addresses more than 24 CVEs.

( CVE-2009-0090, CVE-2009-0091, CVE-2009-0555, CVE-2009-0901, CVE-2009-1547, CVE-2009-2493, CVE-2009-2493, CVE-2009-2495, CVE-2009-2497, CVE-2009-2500, CVE-2009-2501, CVE-2009-2502, CVE-2009-2503, CVE-2009-2504, CVE-2009-2507, CVE-2009-2510, CVE-2009-2511, CVE-2009-2515, CVE-2009-2516, CVE-2009-2517, CVE-2009-2518, CVE-2009-2521, CVE-2009-2524, CVE-2009-2525, CVE-2009-2526, CVE-2009-2527, CVE-2009-2528, CVE-2009-2529, CVE-2009-2530, CVE-2009-2531, CVE-2009-2532, CVE-2009-3023, CVE-2009-3103, CVE-2009-3126 )

If you mix in the recent Adobe security update, you’d be addressing an additional 29 CVEs.

( CVE-2009-2988, CVE-2009-2989, CVE-2009-2990, CVE-2009-2991, CVE-2009-2992, CVE-2009-2993, CVE-2009-2994, CVE-2009-2995, CVE-2009-2996, CVE-2009-2997, CVE-2009-2998, CVE-2009-3431, CVE-2009-3458, CVE-2009-3459, CVE-2009-3460, CVE-2009-3461, CVE-2009-3462 )

That brings the total number of vulnerabilities patched to 53.

Microsoft’s release includes 13 updates – 8 of which they have rated as critical.

MS09-050 – Critical: Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517)

MS09-051 – Critical: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682)

MS09-052 – Critical: Vulnerability in Windows Media Player Could Allow Remote Code Execution (974112)

MS09-054 – Critical: Cumulative Security Update for Internet Explorer (974455)

MS09-055 – Critical: Cumulative Security Update of ActiveX Kill Bits (973525)

MS09-060 – Critical: Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (973965)

MS09-061 – Critical: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378)

MS09-062 – Critical: Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488)

Not to downplay the seriousness of any of these updates – but the update this month that was the most interesting is MS09-062.

MS09-062 addresses 8 vulnerabilities in Microsoft’s GDI+. ( CVE-2009-2500, CVE-2009-2501, CVE-2009-2502, CVE-2009-2503, CVE-2009-2504, CVE-2009-2518, CVE-2009-2528 & CVE-2009-3126 ) These issues could be abused if maliciously crafted WMF, PNG, TIFF or BMP files are processed by GDI+. ( This update also addressed an issue in GDI+ that could be abused by a maliciously crafted .NET application, but that’s less concerning. If you’re running malicious applications… well, then you have more pressing things to worry about than applying patches! ) The problem here is that most users come into contact with many WMF, PNG, TIFF & BMP files while doing just about anything with a computer these days – be it browsing the web, sharing photos, etc.

As for the rest of Microsoft’s updates; SophosLabs have provided analyses on 11 of this month’s updates. You can read them all here.

If you’ve found our vulnerability posts to be valuable – or have some suggestions for how we can better serve you, please let us know at