Cisco Event Response: Microsoft Security Bulletin Release for February 2009

February 10, 2009

Microsoft published its monthly security bulletin release on February 10, 2009. Four bulletins were released that address eight individual vulnerabilities. Microsoft rated two bulletins as Critical and two as Important. The Critical bulletins address vulnerabilities in Microsoft Exchange and Internet Explorer that could allow attackers to execute code with the privileges of the user. The Internet Explorer vulnerabilities require some level of user interaction to exploit. The Important bulletins address vulnerabilities in Microsoft Office and SQL Server products that could allow attackers to execute arbitrary code.

As part of the February 2009 release, Microsoft also provided an additional update that disables the AxLoader ActiveX Control due to a buffer overflow vulnerability that affects the Research in Motion BlackBerry Application Web Loader.


Cisco Security Intelligence Engineering

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. When applicable, Cisco IOS access control lists, Cisco Intrusion Prevention System (IPS) signatures, Cisco IOS NetFlow, Cisco Security Monitoring, Analysis, and Response System Incidents, and firewall inspection are among the techniques discussed in the bulletins.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin Release for February 10, 2009


Impact on Cisco Products

Impact Assessment of February 2009 Microsoft Security Bulletins on Cisco Contact Center and Self Service Products
Impact Assessments for Cisco Contact Center and Self Service Products evaluate Microsoft security bulletins and associated software updates for potential impact to Cisco Contact Center products. For each respective Microsoft Security Bulletin, a Microsoft update is assigned one of three categorical ratings: Impacting, Deferred, or Not Applicable.

Cisco IP Telephony Operating System, SQL Server, Security Updates
This document contains information on software updates for tracking Cisco-supported operating system, SQL Server, and security files that are available for web download. These updates support all versions of Cisco Unified CallManager, Cisco Conference Connection, Cisco Personal Assistant, Cisco IP Interactive Voice Response, and Cisco IP Call Center Express, Cisco Emergency Responder, Cisco Customer Voice Portal, and Cisco MeetingPlace. This document does not support Cisco Unity or servers where Cisco Unity is installed.


Cisco Security IntelliShield Alert Manager and Cisco IPS

The following table identifies Cisco Security IntelliShield Alert Manager alerts and Cisco IPS signatures that are associated with this Microsoft release:

Microsoft Security Bulletin Affected Product Cisco IntelliShield Alert CVE ID
Search CVEs		 Cisco IPS Signature CVSS
Base Score
CVSS Q&A

Microsoft Security Bulletin MS09-002

Cumulative Security Update for Internet Explorer

 Microsoft Office Visio Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability CVE-2009-0075
15233-0
9.3
Microsoft Internet Explorer Cascading Style Sheets Memory Corruption Vulnerability CVE-2009-0076
15234-0
9.3

Microsoft Security Bulletin MS09-003

Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution

 Microsoft Exchange Server Microsoft Exchange Server Transport Neutral Encapsulation Format Data Handling Memory Corruption Vulnerability CVE-2009-0098
15235-0
 10.0
Microsoft Exchange Server MAPI Command Processing Denial of Service Vulnerability CVE-2009-0099
5.0

Microsoft Security Bulletin MS09-004

Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution

Microsoft SQL Server

Microsoft SQL Server Express Edition

Microsoft SQL Server Desktop Engine (MSDE)

Microsoft Windows Internal Database (WYukon)

Microsoft SQL Server sp_replwritetovarbin() Buffer Overflow Vulnerability CVE-2008-5416
15313-0
9.0

Microsoft Security Bulletin MS09-005

Vulnerabilities in Microsoft Office Visio Could Allow Remote Code Execution

Microsoft Windows Internet Explorer

Microsoft Windows XP

 Microsoft Office Visio Object Data Validation Code Execution Vulnerability CVE-2009-0095
9.3
Microsoft Office Visio Object Processing Memory Corruption Vulnerability CVE-2009-0096
9.3
Microsoft Office Visio Memory Allocation Code Execution Vulnerability CVE-2009-0097
9.3

 

Return to Cisco Security Center