54SA.COM|专注于系统运维管理,为中国SA提供动力!

54SA.COM|系统运维网

系统管理员之家Banner
当前位置: 主页 > Windows > 系统安全 > 漏洞补丁 >

微软发布四月安全公告

分享到:
时间:2011-03-02 23:35来源:未知 作者:admin

微软如期发布了四月份的安全公告,正如之前所预告的一样,本月包含5个“危急”等级的安全公告,两个“重要”和一个普通等级的更新.
危急漏洞分别涵盖Office,Windows,IE,请大家关注安全公告并迅速用Windows Update等措施部署更新系统.

查看:Microsoft Security Bulletin Summary for April 2009

MS09-010

Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)

This security update resolves two publicly disclosed vulnerabilities and two privately reported vulnerabilities in Microsoft WordPad and Microsoft Office text converters. The vulnerabilities could allow remote code execution if a specially crafted file is opened in WordPad or Microsoft Office Word. Do not open Microsoft Office, RTF, Write, or WordPerfect files from untrusted sources using affected versions of WordPad or Microsoft Office Word.

Critical
Remote Code Execution

Requires restart

Microsoft Windows, Microsoft Office

MS09-013

Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803)

This security update resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in Microsoft Windows HTTP Services (WinHTTP). The most severe vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Critical
Remote Code Execution

Requires restart

Microsoft Windows

MS09-011

Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373)

This security update resolves a privately reported vulnerability in Microsoft DirectX. The vulnerability could allow remote code execution if user opened a specially crafted MJPEG file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

[责任编辑:admin]

顶一下
(0)
0%
踩一下
(0)
0%
------分隔线----------------------------
发表评论
请自觉遵守互联网相关的政策法规,严禁发布色情、暴力、反动的言论。
评价:
用户名:
最新评论 进入详细评论页>>