This application requires Javascript for optimal performance.

Microsoft Security Bulletin for September 2009

The table below lists the Microsoft vulnerabilities for September.
MS Bulletin Number Microsoft Bulletin TitleSeverityImpact of VulnerabilityAffected SoftwareCVE ID
MS09-045Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution (971961)CriticalRemote Code ExecutionMicrosoft Windows CVE-2009-1132
MS09-046Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (956844)CriticalRemote Code ExecutionMicrosoft Windows CVE-2009-2519
MS09-047Vulnerabilities in Windows Media Format Could Allow Remote Code Execution (973812)CriticalRemote Code ExecutionMicrosoft Windows CVE-2009-2498 CVE-2009-2499
MS09-048Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (967723)CriticalRemote Code ExecutionMicrosoft Windows CVE-2008-4609 CVE-2009-1925 CVE-2009-1926
MS09-049Vulnerability in Wireless LAN AutoConfig Service Could Allow Remote Code Execution (970710)CriticalRemote Code ExecutionMicrosoft Windows CVE-2009-1132


Threat Remediation


Fortinet provides coverage on Microsoft vulnerabilities in September 2009.

CVE NumberSignature Name
CVE-2009-1132MS.JScript.Keyword.Override.Code.Execution
CVE-2009-2519MS.DHTML.Editing.Component.ActiveX.Control.Code.Execution
CVE-2009-2498MS.Windows.ASF.Invalid.Free.Code.Execution
CVE-2009-2499MS.Media.MP3.Memory.Corruption
CVE-2009-1926TCP.Window.Size.Zero.DoS

For more information on new and enhanced signatures, visit the IPS Service Update History. If you require more information, contact the FortiGuard Team using our Contact Us web page.


Document History


Revision DateVersion Number
Tuesday, September 8, 20091Initial Documentation.


Reference: