March 2009 Microsoft Security Bulletins
After several high profile vulnerabilities discovered for Microsoft products in February, with Internet Explorer vulnerability described in MS09-002 and Excel vulnerability described in (968272) being actively exploited in the wild, March brings a single vulnerability rated as Critical with a potential to cause remote code execution MS09-006.
MS09-009 fixes three separate kernel issues with the most serious one, described by CVE-2009-0081, in kernel part of GDI, which allows an attacker to create a maliciously formated graphics file and exploit it remotely.
Colleagues at the Microsoft Security Response Centre have published an interesting video containing the relevant information and details of Exploitability Index of the vulnerabilities disclosed in March Security Bulletins.
SophosLabs have created a vulnerability analysis for MS09-006, since this is the only vulnerability that might be used by malicious programs and updated our Latest Vulnerabilities page.
Posted on March 11th, 2009 by Vanja Svajcer, SophosLabs, UKFiled under: Exploits, Vulnerabilities
Windows 7 security - A great leap forward or business as usual?
