length 00:11:09

9 bulletins <- 5 critical/remote code exec
19 vulnerabilities

most critical: (via web/very critical because of ease to exploit):

MS09-037: same as MS09-035 - vulnerabilities in Microsoft Active Template Library (ATL). The vulnerabilities could allow remote code execution if a user loaded a specially crafted component or control hosted on a malicious website.
ATL library issue applicable to Adobe products & other vendors.
Affecting commercial product and home grown SW (web pluggin)

MS09-038: vulnerabilities in Windows Media file processing.

MS09-039:vulnerabilities in the Windows Internet Name Service (WINS). Either vulnerability could allow remote code execution if a user received a specially crafted WINS replication packet on an affected system running the WINS service.
WINS b0f, remote desktop , ASP Net DoS
workstation memory corruption <- privilege escalation
messaging service <- privilege escalation

MS09-043: vulnerabilities in Microsoft Office Web Components that could allow remote code execution if a user viewed a specially crafted Web page. in the wild.

MS09-045: vulnerability in the JScript scripting engine that could allow remote code execution if a user opened a specially crafted file or visited a specially crafted Web site and invoked a malformed script. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


HIPS will help patching manageable
the bulk of today: ATL  & web component
we had out of bad releases MS09-034 & MS09-35 <-updated today.