Rss Feed
Microsoft Security Bulletin MS09-061 (KB974378)
Executive Summary
This security update resolves three privately reported vulnerabilities in Microsoft .NET Framework and Microsoft Silverlight. The vulnerabilities could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications, or if an attacker succeeds in persuading a user to run a specially crafted Microsoft .NET application. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerabilities could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and executing it, as could be the case in a Web hosting scenario. Microsoft .NET applications, Silverlight applications, XBAPs and ASP.NET pages that are not malicious are not at risk of being compromised because of this vulnerability.
This security update is rated Critical for all affected editions of the Microsoft .NET Framework on Microsoft Windows 2000, Windows XP, Windows Vista, and Windows 7; Microsoft Silverlight 2 when installed on Mac; and Microsoft Silverlight 2 when installed on all releases of Microsoft Windows clients.
This security update is rated Important for all affected editions of the Microsoft .NET Framework on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2.
This security update is rated Moderate for Microsoft Silverlight 2 when installed on all releases of Microsoft Windows servers.
For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses the vulnerabilities by modifying the way in which the Microsoft .NET verifies and enforces the rules of Microsoft .NET verifiable code and by modifying the way in which the Microsoft .NET Common Language Runtime (CLR) handles interfaces. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
Offical Download : Microsoft Security Bulletin MS09-061 (KB974378)
You can leave a response, or trackback from your own site.
May 31st, 2010 at 1:19 am
Hi All, I have strange situation which I am struggling with. We have just performed a desktop refresh and at the same time delivered Windows 7 to the new machines. We use SCCM to deliver the machines and the build process works well. However, I have one niggling problem. The first time a user logs on to a freshly built machine the UAC kicks in and prompts for credentials on the Secure Desktop. In our case the UAC is stopping the application of a video card driver. The UAC and Secure Desktop are working as per design as we are making use of this feature. However, I am not expecting the UAC to kick in and stop the device driver installation. This is becuase I have expliclty defined the Video Card Device Setup Class “4d36e968-e325-11ce-bfc1-08002be10318″ against the “Allow non-administrators to install drivers for these device setup classes” policy. The one thing I did note is that the certificate used by Microsoft to sign the driver expired on the 23/01/2010. I am not sure is this is the root cause?? I know it is the video card becuase if the Administrator credentials are entered the next event that is viewed is the “Drive finished installing” in the system tray. Can the UAC and this policy work in conjuntion? Has anybody else hit this issue?
June 3rd, 2010 at 10:01 am
Saw this price on flyer start from May19-25Acer emachine 725CPU:T4400HD:250GRAM:3GOS: Windows 7 Home premiumUSB: 2 port (too bad)Webcam:YesHDMI: No
June 5th, 2010 at 2:18 pm
I installed Windows 7 x64 onto a new 640 GB Caviar Black hard drive I recently bought. I partitioned the hard drive into two parts— the first partition has all of my programs installed and the second partition has all of my files (my documents, etc). This morning when I turned on my computer, I got the following error: “Disk boot failure insert system disk and press enter”. I have never seen this before, so I went ahead and inserted my Win 7 x64 disk and restarted. Here, I can’t see my hard drive when I go to “Repair your computer”; however, whenever I go to “Install Now” as if I was going to start a new installation, I can see both partitions. Any ideas? I’ve thought that it might be a faulty cable, but then I can still see the drive when I click Install Now, so I’m not sure if that is the problem.
June 6th, 2010 at 7:14 am
Just got an AK2i, how do I know if I can safely update to 1.4 on my DSi?
June 10th, 2010 at 4:21 pm
It may provide low self esteem, but if its constructive criticism which also tells you how you ought to improve itll certainly bring improvement. But if its rude then thatll just provide reduced self esteem, distrust and introverted behavior. best solution is to just ignore the person criticizing you.
June 11th, 2010 at 1:52 pm
Yahoo News…
This is really great news today….
June 19th, 2010 at 12:38 am
Hi..I have a Program that has been installed on my PC which I wish to remove using Add/Remove program from Control Panel…but it will not uninstall. Please let me know if this can be done from the Registry….and how I actually perform the task If not, is there another way? The uninstallation…