Security Advisories

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Subject: US-CERT Technical Cyber Security Alert TA09-132A -- Microsoft PowerPoint Multiple Vulnerabilities
From: CERT Advisory <This email address is being protected from spambots. You need JavaScript enabled to view it.>
Date: Tue, 12 May 2009 18:06:24 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                    National Cyber Alert System

              Technical Cyber Security Alert TA09-132A


Microsoft PowerPoint Multiple Vulnerabilities

   Original release date: May 12, 2009
   Last revised: --
   Source: US-CERT


Systems Affected

     * Microsoft PowerPoint


Overview

   Microsoft has released updates that address vulnerabilities in
   Microsoft PowerPoint.


I. Description

   As part of the Microsoft Security Bulletin Summary for May 2009,
   Microsoft released updates to address vulnerabilities that affect
   Microsoft PowerPoint.


II. Impact

   By convincing a user to open a specially crafted PowerPoint file, a
   remote, unauthenticated attacker could execute arbitrary code, gain
   elevated privileges, or cause PowerPoint to crash.


III. Solution

   Microsoft has provided updates for these vulnerabilities in the
   Microsoft Security Bulletin Summary for May 2009. The security
   bulletin describes any known issues related to the updates.
   Administrators are encouraged to note these issues and test for any
   potentially adverse effects. Administrators should consider using
   an automated update distribution system such as Windows Server
   Update Services (WSUS).


IV. References

 * Microsoft Security Bulletin Summary for May 2009 -
   <http://www.microsoft.com/technet/security/bulletin/ms09-may.mspx>

 * Microsoft Windows Server Update Services -
   <http://technet.microsoft.com/en-us/wsus/default.aspx>

 ____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/techalerts/TA09-132A.html>
 ____________________________________________________________________

   Feedback can be directed to US-CERT Technical Staff. Please send
   email to <This email address is being protected from spambots. You need JavaScript enabled to view it.> with "TA09-132A Feedback VU#198068" in
   the subject.
 ____________________________________________________________________

   For instructions on subscribing to or unsubscribing from this
   mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
 ____________________________________________________________________

   Produced 2009 by US-CERT, a government organization.

   Terms of use:

     <http://www.us-cert.gov/legal.html>
 ____________________________________________________________________

Revision History
  
  May 12, 2009: Initial release


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSgnyBnIHljM+H4irAQJv4Qf/euzDYXdW8DJ1/Aq5bEAgWUuR7c+apXr3
W7yPkz1xjQ+pdwOUScxyyUUHGC/x9U1vboAWzXdHqv17owhoXgkd93b5fQfkAh43
CMwOSq7owSGW1CkDf4UawBrpWHkuOrXbRza1VFLvnFdc9mbDwb9cg2ZaixtMXQVq
zUBJfclfOiDzNijEBEbwN+gPXmFGJ2DBmpAY/YRfQ9vc5Ojpe+11x8jljs7llZx5
18Vzqnc+B/coTOZ07fn0dxL8ltAjvtQpYolKkZaNVQDkAI29h/MYQR7NhqSQ0EYP
DBgRaSBLOEnLi1mFCE3Xp1j2I1Wd5oLcZIKKAGZzMXV6Ctv1id8fQg==
=gg8J
-----END PGP SIGNATURE-----

Powered by:

MHonArc