Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » MS09-043

Overview

Id MS09-043
Name MS09-043 957638 947319 (English/MUI) Update for Office 2002 Web Components in Office 2003 (re-released 10/27/09) (Rev 2)
Vendor Name microsoft
Product Windows 2K3SP1,Windows 2K3SP2,Windows 2K8SP1,Windows 2K8SP2,Windows 2KSP4,Windows VISTASP0,Windows VISTASP1,Windows VISTASP2,Windows 7,Windows XPSP2,Windows XPSP3
Content Type Critical - 01 Critical - 01
Language(s) ENGLISH 
Operating System(s) Windows 
Released On 22 Oct 2009 12:00:00

MS09-043

MS09-043 957638 947319 (English/MUI) Update for Office 2002 Web Components in Office 2003 (re-released 10/27/09) (Rev 2)

Vendor Name

microsoft

Product

Windows 2K3SP1,Windows 2K3SP2,Windows 2K8SP1,Windows 2K8SP2,Windows 2KSP4,Windows VISTASP0,Windows VISTASP1,Windows VISTASP2,Windows 7,Windows XPSP2,Windows XPSP3

Released On

22 Oct 2009 12:00:00

Url

http://support.microsoft.com/kb/957638

Description

This security update resolves several privately reported vulnerabilities in Microsoft Office Web Components that could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Re-release Information:
Microsoft rereleased on 10/27/2009 to address a problem in which the previous version of the update cannot be installed if Access Runtime 2003 is installed.

Important Notes:

  • If the previous version of the update is installed in quiet mode, the update is installed successfully. However, future updates may not install successfully. If you experience either of these problems, you should install the rereleased update.
  • If you do not use Access Runtime 2003 or if you successfully installed the previous version of this update, and you do not experience problems installing later updates, you do not have to install the rereleased update.
  • Users who deployed the original update will already show Patched for this one. If you experience any of the issues stated above, it is highly recommended to install this rereleased update.
  • Revision Information:
    Revision 2: Modified to more accurately show vulnerability status and to more accurately detect vulnerable installations of Office 2002 Web Components in Office 2003.

    Related Resources

    Related Vulnerabilities

    CVE-2009-0562   CVE-2009-2496   CVE-2009-1136   CVE-2009-1534  

    Related Patches

    Superseded Patches

    None


    Last Updated: 27 May 2016 11:19:41