May 12, 2009
Microsoft published its monthly security bulletin release on May 12, 2009. One bulletin was released that addresses 14 individual vulnerabilities.
Microsoft has scored the bulletin with a maximum severity rating of Critical. This bulletin addresses vulnerabilities in the Microsoft Office PowerPoint software. In every case, a successful exploit requires a user to open a malformed PowerPoint file; an attacker cannot force a user to do so directly. One vulnerability, which is described in CVE-2009-0556 and IntelliShield alert 17966, is being actively exploited in the wild.
Event Intelligence
The following table identifies Cisco Security Intelligence Operations content and Cisco mitigation information that is associated with this Microsoft release:
Cisco Security Intelligence Operations
Impact on Cisco Products
Impact Assessment of May 2009 Microsoft Security Bulletins on Cisco Contact Center and Self Service Products New!
Impact Assessments for Cisco Contact Center and Self Service Products evaluate Microsoft security bulletins and associated software updates for potential impact to Cisco Contact Center products. For each respective Microsoft Security Bulletin, a Microsoft update is assigned one of three categorical ratings: Impacting, Deferred, or Not Applicable.
Cisco IP Telephony Operating System, SQL Server, Security Updates
This document contains information on software updates for tracking Cisco-supported operating system, SQL Server, and security files that are available for web download. These updates support all versions of Cisco Unified CallManager, Cisco Conference Connection, Cisco Personal Assistant, Cisco IP Interactive Voice Response, and Cisco IP Call Center Express, Cisco Emergency Responder, Cisco Customer Voice Portal, and Cisco MeetingPlace. This document does not support Cisco Unity or servers where Cisco Unity is installed.
