


For more information see the TechNet Update Management Center. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel. See the section, Detection and Deployment Tools and Guidance, earlier in this bulletin for more information. File Information See Microsoft Knowledge Base Article 958644 Registry Key Verification Note A registry key does not exist to validate the presence of this update.

This mode sets the security level for the Internet zone to High. The vulnerability could allow elevation of privilege if an attacker bypasses authentication by browsing to an administrative URL on a SharePoint site. In the Internet Options dialog box, click the Security tab, and then click the Internet icon. Security updates are available from Microsoft Update, Windows Update, and Office Update.


Microsoft Office Suites and Software

Microsoft Office Suites, Systems, and Components
Bulletin Identifier: MS08-070, MS08-072, MS08-074, MS08-077
Aggregate Severity Rating: Critical, Critical, Critical, None
Microsoft Office 2000 Service Pack 3: Not applicable

Customers who require custom support for older releases must contact their Microsoft account team representative, their Technical Account Manager, or the appropriate Microsoft partner representative for custom support options. For information about how to edit the registry, view the "Changing Keys And Values" Help topic in Registry Editor (Regedit.exe) or view the "Add and Delete Information in the Registry" and

For more information about the capabilities and implementation of ICMP, see RFC 792: Internet Control Message Protocol DARPA Internet Program Protocol Specification.

Windows Server Update Services By using Windows Server Update Services (WSUS), administrators can deploy the latest critical updates and security updates for Microsoft Windows 2000 operating systems and later, Office XP To sum up, it is a critical vulnerability as it is very easy to exploit and affects from Windows 2000 to Windows Server 2008 computers and all the versions of Internet Note For more information about the wusa.exe installer, see Microsoft Knowledge Base Article 934307. This log details the files that are copied.

This security update requires that Windows Installer 2.0 or later be installed on the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To determine the support life cycle for your software version or edition, visit Microsoft Support Lifecycle. FAQ added to clarify the reason why a non-vulnerable version of Office will be offered this update.

See also Managing Internet Explorer Enhanced Security Configuration. Windows Server Update Services By using Windows Server Update Services (WSUS), administrators can deploy the latest critical updates and security updates for Windows 2000 operating systems and later, Office XP and


Inclusion in Future Service Packs The update for this issue may be included in a future update rollup Deployment Installing without user intervention Windows 2000 Service Pack 4: Windows2000-kb941644-x86-enu /quiet Installing without restarting Windows Impact of Workaround: There are side effects to prompting before running ActiveX Controls and Active Scripting. Software SMS 2.0 SMS 2003 with SUSFP SMS 2003 with ITMU Configuration Manager 2007 Microsoft Office SharePoint Server 2007 (32-bit editions) No No Yes. In RPC, the requesting program is the client and the service-providing program is the server.

The dates and times for these files are listed in coordinated universal time (UTC). In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation Prompting before running ActiveX Controls or Active Scripting is a global setting that affects all Internet and intranet sites. Microsoft received information about this vulnerability through responsible disclosure.

To access the network shell, run the following command from an elevated command prompt:
netsh
Once in the netsh environment, enter the following commands:
netsh>rpc
netsh rpc>filter
netsh rpc filter>add rule
In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. This bulletin spans both Microsoft Office Suites and Software and Microsoft Developer Tools and Software. Removing the Update This security update supports the following setup switches.

What might an attacker use the vulnerability to do? An attacker who successfully exploited this vulnerability could gain the same user rights as the local user.
Supported Security Update Installation Switches
Switch: Description
/help: Displays the command-line options
Setup Modes
/passive: Unattended Setup mode.
For example, an online e-commerce site or banking site may use ActiveX Controls to provide menus, ordering forms, or even account statements.

A successful attack leading to elevation of privilege could result in denial of service or information disclosure.

Verifying That the Update Has Been Applied Microsoft Baseline Security Analyzer To verify that a security update has been applied to an affected system, you may be able to use the Internet Group Management Protocol (IGMP) is used for IPv4 multicast. Also, in certain cases, files may be renamed during installation. TCP/IP is the suite of communications protocols used for transmitting data over networks.

Click Internet, and then click Custom Level. To do this, follow these steps: In Internet Explorer, click Tools, click Internet Options, and then click the Security tab. In the Select a Web content zone to specify its current security settings box, click Trusted Sites, and then click Sites. Save the following text to a temporary directory:
For 32-bit systems
Save to a text file called: "BlockAccess_x86.inf"
[Unicode]
[File Security]
"%ProgramFiles%\Common Files\System\Ole DB\oledb32.dll",2,"S:(ML;;NWNRNX;;;ME)"
For 64-bit systems

For more information about the supported installation switches, see Microsoft Knowledge Base Article 262841. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. This includes all customers using Microsoft Works 8.0, Works Suite 2004, and Works Suite 2005.

It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems. It is available on WU/MU. Removing the Update To remove this security update, use the Add or Remove Programs tool in Control Panel. In the Startup type list, click Automatic.

By searching using the security bulletin number (such as, “MS07-036”), you can add all of the applicable updates to your basket (including different languages for an update), and download to the Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This guidance will also help IT professionals understand how they can use various tools to help deploy the security update, such as Windows Update, Microsoft Update, Office Update, the Microsoft Baseline Other versions or editions are either past their support life cycle or are not affected.

Note You can combine these switches into one command. An attacker could exploit the vulnerability by constructing a specially crafted Web page. If the file or version information is not present, use one of the other available methods to verify update installation. Expand HKEY_CLASSES_ROOT.

Note that the Server Core installation option does not apply to certain editions of Windows Server 2008; see Compare Server Core Installation Options. File Information See the subsection, File Information, in this section for the full file manifest Registry Key Verification Not applicable File Information The English version of this security update has the For more information, see Microsoft Knowledge Base Article 910723. Disable Data Binding support in Internet Explorer 8 Beta 2 Perform the following steps: Set Internet and Local Intranet security zone settings to High.

In the Export Registry File dialog box, type mailto_backup.reg and select Save. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. No user interaction is required, but installation status is displayed.