Justin James presents a rundown on the March 2009 batch of Microsoft Windows patches. He wades through the available resources and brings you the information you need to make the right decision on applying them in your organization.
Welcome to the March 2009 edition of TechRepublic's Patch Tuesday update. One thing I noticed was the relatively high number of changed and minor items since February's Patch Tuesday. It seemed like every few days, my Windows Server Update Services (WSUS) server was notifying me of something other than Windows Defender updates or Exchange spam signatures. Also, we will continue to include non-Windows information in our Patch Tuesday updates since folks seemed to appreciate it last month; it just so happens that there isn't any non-Windows content for this month.
- MS09-006/KB958690 -- Critical (XP, Vista, 2000, 2003, 2008): I cannot recall the last time I saw a bug in the Windows Kernel itself, but this patch fixes one. This particular bug allows attackers to remotely execute code via a specially crafted EMF or WMF image. You should install this patch immediately. This affects 32-bit and 64-bit versions of Windows, including Server Core.
- MS09-007/KB960225 -- Important (XP, Vista, 2000, 2003, 2008): This patch closes a bug in SChannel (Secure Channel) that an attacker can use to perform spoofing. To exploit this bug, the attacker needs access to the certificate that the end user has for authentication, which is why it is lowered to "Important." This is not the worst bug in history, but you will want to install this patch when convenient. This affects 32-bit and 64-bit versions of Windows, including Server Core.
- MS09-008/KB961063/KB961064 -- Important (2000, 2003, 2008): The DNS and WINS servers in Windows Server have a vulnerability that could allow someone to mess with the lookups; from there, all sorts of mischief can occur, such as swapping google.com to some undesirable Web site. Install this patch on any server running DNS or WINS that an attacker might have access to. You will want to read KB article 961063 for details on resource consumption before installing this patch for DNS servers; WINS servers are not affected by resource consumption increases. This affects 32-bit and 64-bit versions of Windows Server, including Server Core.
- "The Usual Suspects": Updates to the Malicious Software Removal Tool and Junk Email filters.
- Changed, but not significantly: Windows Vista SP 1 for x64, Autorun disabling.
Updates since the last Patch Tuesday
There have been a number of minor items since the last Patch Tuesday:
- KB931125: Updates root certificates.
- KB940510: Closes a hole that allowed applications to bypass Vista product activation.
- KB951847 and KB959209: Small updates and language packs for .NET 3.5 SP1, including Application Compatibility.
- KB959772: Fixes DRM problems that are caused by updating WMP or Windows.
- KB961030: Corrects problems updating the Windows Home Server Connector software and issues with restoring from backups on Windows Home Server.
- KB961118: .NET 3.5 SP1 was breaking PCL inbox printer drivers by making them unsigned on XP and 2003 systems; this patch fixes that.
- KB967715: More fixes for the disabling of Autorun in Windows XP, 2000, and 2003.
- KB959209: Additional Application Compatibility items for .NET 3.5 SP1.