Critical Security Alert: October Microsoft Security Bulletins Include Vulnerabilities Affecting Microsoft Windows, Office, Outlook, Media Player and Internet Explorer. Immediate Action Required.
Tuesday, October 13, 2009
Microsoft Corporation has announced eight new critical security vulnerabilities affecting Microsoft Windows, Office, Outlook, Media Player and Internet Explorer. CSSD recommends that users immediately identify and install the security updates necessary to repair these vulnerabilities by using the Pitt Software Update Service. If you are not already using this service, you can sign up for it by visiting technology.pitt.edu and selecting "Pitt Software Update Service" from the Quick Launch menu on the main page. The correct updates for your computer will then be installed on the schedule you specify.
The eight critical security vulnerabilities are listed below. An attacker who successfully exploits any of these vulnerabilities could install programs; view, change, or delete data; or create new accounts with full administrative user rights.
- Microsoft Security Bulletin MS09-050 describes three vulnerabilities in Microsoft Windows and Windows Server operating systems.
- Microsoft Security Bulletin MS09-051 describes two vulnerabilities in Windows Media Runtime.
- Microsoft Security Bulletin MS09-052 describes a vulnerability in Windows Media Player.
- Microsoft Security Bulletin MS09-054 contains a set of cumulative updates for Microsoft Windows Explorer.
- Microsoft Security Bulletin MS09-055 describes a vulnerability in ActiveX Controls for Microsoft Office.
- Microsoft Security Bulletin MS09-60 describes several ActiveX Control vulnerabilities for Microsoft Office.
- Microsoft Security Bulletin MS09-061 describes three vulnerabilities in Microsoft .NET Framework and Microsoft Silverlight.
- Microsoft Security Bulletin MS09-62 describes several vulnerabilities in Windows GDI+.
In addition to installing the Microsoft patches, CSSD also recommends that all users install Symantec AntiVirus software and use the LiveUpdate feature to get the latest virus definitions. Symantec AntiVirus is available at no cost to students, faculty, staff, and departments from CSSD Software Licensing Services, 105 Bellefield Hall, and can also be downloaded from software.pitt.edu.
Please contact the Technology Help Desk at 412 624-HELP [4357] if you have any questions regarding this announcement.