Justin James gathers the information you need to make the right decision on applying Microsoft's November patches in your organization.
This month's actual "Patch Tuesday" items are short and sweet. So why is this month's report so insanely long? Blame it on W7 and 2008R2, but not in a bad way! Microsoft is back-porting a lot of W7/2008R2 functionality to previous versions of Windows, and most of the interim patches are related to this effort. While I applaud Microsoft for doing this and while I understand why they would want to release those items out of band, I think that most systems administrators would rather not see those kinds of items show up until the proper Patch Tuesday.
For information on previous patch Tuesdays, visit the TechRepublic Microsoft Patch Tuesday archives.
Security patches
MS09-045/KB975542 - Critical (2000): This patch fixes a remote code execution exploit in Jscript 5.7 on Windows 2000. The patch has been available since December for other versions and other OSs. 718 KB
MS09-063/KB973565 - Critical (Vista, 2008): An attacker on the local subnet only could use a specially crafted packet to perform a remote code execution exploit against Vista and 2008. This is a surprising item, in that it affects only Vista and 2008. You will want to get this patch installed immediately, because it requires zero user interaction to trigger it, and the attacker gets full rights from what I can tell. 245 KB - 576 KB
MS09-064/KB974783 - Critical (2000): A problem with the License Logging Server on Windows 2000 allows attackers to perform remote code execution exploits against the machine. You should install this patch as soon as you can. 532 KB
MS09-065/KB969947 - Critical (XP, 2000, 2003)/Important (Vista, 2008): There are a number of problems with the Windows kernel that allow attackers with carefully crafted fonts to attack the system. On 2000, XP, and 2003, these are remote code execution exploits. On Vista and 2008, these are "merely" escalation of privileges attacks. You should get this patch on your systems as soon as you can. 1.1 MB - 5.6 MB
MS09-066/KB973037 - Important (XP, 2000, 2003, 2008): A problem with various active Directory systems allows specially crafted LDAP queries to jam up the Active Directory system on servers. This is a low-priority item, and the patch can wait until your next patch cycle. 800 KB - 5.6 MB
MS09-067/KB973593 - Important (Office XP, Office 2003, Office 2004 for Mac, Office 2008 for Mac, Open XML File Converter for Mac, Excel Viewer 2003, Office Compatibility Pack 2007 SP 1 and SP2): A number of problems with various applications that can open Excel files can lead to a remote code execution exploit. The damage is limited on systems with restricted user accounts. Microsoft calls this update "Important," but I feel that you will want to install it immediately, due to the user habit of opening any and every Office file they receive.
MS09-068/KB976307 - Important (Office XP, Office 2003, Office 2004 for Mac, Office 2008 for Mac, Open XML File Converter for Mac, Word Viewer): Similar to the Excel bug above, specially crafted Word documents can be used to perform remote code execution attacks, which may have lower permissions for restricted users. Again, the prevalence of Word files makes this more critical than the potential damage would normally indicate, so install this patch quickly. There is a known issue where Office XP users will need to re-agree to the software terms after installing this update.
Other updates
KB943729: 2008R2 and 2008 introduced new Group Policy items for Windows clients; this update makes these policies available to machines running XP and 2003. 700 MB - 890 KB
KB960568: This update for Vista and 2008 adds BITS 4.0 functionality, which is used by much of the Windows Management system. 1.4 - 1.9 MB
KB968930: Adds PowerShell 2.0 and Windows Remote Management 2.0 (for managing Windows computers via SOAP Web Service calls) to XP, Vista, 2003, and 2008. 6.1 MB - 35.9 MB
"The Usual Suspects": Updates to the Malicious Software Removal Tool (9.3 - 9.7 MB) and Junk Email filters. 2.2 MB
Changed, but not significantly: Windows Media Center Update (KB975053).
Updates since the last Patch Tuesday
We did not have any security patches release out of band since the last Patch Tuesday.
There have been a number of minor items added since the last Patch Tuesday:
Windows Media Center Update (KB975053) fixes problems with ISDB broadcasts (Japanese broadcasts). 305 KB - 645 KB
Windows 7 Application Compatibility Update (KB975891) fixes issues with certain HP printers and their software. 194 KB
Update to the Windows Customer Experience Improvement Program (KB975889) is not really worth installing unless you really care about the CEIP system. 30 KB
IE8 Compatibility View List (KB975364). 38 KB - 684 KB
Windows Media Player/Set Program Access Issue Update (KB972145) - if you have been having problems using "Set Program Access and Computer Defaults" to disallow access to Windows Media Player, this update fixes it. 16 MB - 22 MB
Platform Update for 2008 and Vista (KB971644) brings some of the new programming libraries introduced in W7 and 2008R2 to 2008 and Vista. 7.2 MB - 18 MB
WPD Update for Vista (KB971514) adds some of W7's functionality for portable devices to Vista. 3 MB - 4 MB
Automation and Accessibility Updates (KB971513) introduces some of W7's user-interface automation and accessibility libraries to 2003, XP, Vista, and 2008. 760 KB - 1.3 MB
Graphics Update for 2008 and Vista (KB971512) adds some of W7's improvements to the Windows Graphics subsystem to Vista and 2008. 4.6 MB - 9.7 MB
Windows Ribbon and Animations for Vista and 2008 (KB960362) - W7 and 2008R2 ship with a Ribbon component and animation libraries that developers can leverage in their applications; this update brings that functionality into Vista and 2008. 1.9 MB - 3 MB
IE Update (KB976749) resolves problems in IE that are caused by security patch MS09-054/KB974455. 1.5 MB - 13.1 MB
Changed, but not significantly:
- .NET Framework SP1
- MS09-045/KB971961 - Security Update for Windows 2000
- MS09-051/KB954155 - Security Update for Window Media Audio Voice Decoder
- MS09-055/KB973525 - Cumulative Security Update of ActiveX Kill Bits
- MS09-061/KB953300 - .NET Framework 2.0 SP1 Security Update
TechRepublic's Windows Vista and Windows 7 Report newsletter, delivered every Friday, offers tips, news, and scuttlebutt on Vista and Windows 7, including a look at new features in the latest version of the Windows OS. Automatically sign up today!