Security Updates | 2009-02-10

I track security updates for the following vendors: Apple, Cisco, FreeBSD, Microsoft, Red Hat, and Sun Microsystems. I chose these vendors based on my own needs for the networks and systems I manage. I’ve also found that updates from these vendors tend to catch the major updates necessary for common software applications. If you have other vendors you would like me to provide updates for, send me a message.

Microsoft Corporation

• Update Rollup for ActiveX Kill Bits
• Vulnerability in SQL Server Could Allow Remote Code Execution
• Cumulative Security Update for Internet Explorer (961260)
• Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)
• Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420)
• Vulnerabilities in Microsoft Office Visio Could Allow Remote Code Execution (957634)

Red Hat, Inc.

• RHSA-2009:0264 Important: kernel security update
• RHSA-2009:0267 Moderate: sudo security update
• RHSA-2009:0269 Important: gstreamer-plugins security update
• RHSA-2009:0271 Important: gstreamer-plugins-good security update

Sun Microsystems, Inc.

• Security Vulnerability in the Process File System (proc(4)) Relating to Contract File System (contract(4)) Interaction May Lead to a System Panic or Possible Execution of Arbitrary Code by Unprivileged Users