Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Microsoft Security Bulletins for

= Check Point has provided a protection to this bulletin

Microsoft Security Bulletin MS09-008:
Vulnerabilities in DNS and WINS Server Could Allow Spoofing (962238)

Severity: High

CVE-2009-0094: WPAD WINS Server Registration Vulnerability

A man-in-the-middle attack vulnerability exists in Windows WINS servers. This vulnerability could allow a remote authenticated attacker to spoof a web proxy and thereby redirect Internet traffic to an address of the attackers choice.

CVE-2009-0093: DNS Server Vulnerability in WPAD Registration Vulnerability

A man-in-the-middle attack vulnerability exists in Windows DNS servers where dynamic update is used and ISATAP and WPAD are not already registered in DNS. This vulnerability could allow a remote authenticated attacker to spoof a web proxy thereby redirect Internet traffic to an address of the attackers choice.

CVE-2009-0233: DNS Server Query Validation Vulnerability

A spoofing vulnerability exists in Windows DNS server. This vulnerability could allow a remote unauthenticated attacker to quickly and reliably spoof responses and insert records into the DNS servers cache, thereby redirecting Internet traffic.

CVE-2009-0234: DNS Server Response Validation Vulnerability

A response validation vulnerability exists in Windows DNS Server. The vulnerability could allow an unauthenticated remote attacker to send specially crafted queries to a DNS server so as to allow greater predictability of transaction IDs used by the DNS server and thus to redirect Internet traffic from legitimate locations.

Microsoft Security Bulletin MS09-007:
Vulnerability in SChannel Could Allow Spoofing (960225)

Severity: High

CVE-2009-0085: SChannel Spoofing Vulnerability

A spoofing vulnerability exists in the Microsoft Windows SChannel authentication component when using certificate based authentication. An attacker who successfully exploited this vulnerability would be able to authenticate to a server using only an authorized users digital certificate and without the associated private key.

Microsoft Security Bulletin MS09-006:
Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690)

Severity: Critical

CVE-2009-0081: Windows Kernel Input Validation Vulnerability

A remote code execution vulnerability exists in the Windows kernel due to improper validation of input passed from user mode through the kernel component of GDI. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

CVE-2009-0082: Windows Kernel Handle Validation Vulnerability

An elevation of privilege vulnerability exists in the Windows kernel due to the manner in which the kernel validates handles. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

  • Check Point Response
  • This is a local vulnerability that can not be mitigated by a network IPS protection.

CVE-2009-0083: Windows Kernel Invalid Pointer Vulnerability

An elevation of privilege vulnerability exists in the Windows kernel due to improper handling of a specially crafted invalid pointer. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

  • Check Point Response
  • This is a local vulnerability that can not be mitigated by a network IPS protection.

Microsoft Security

2009 Microsoft Security Bulletins by Month