Ïðîñìîòð ïîëíîé âåðñèè : Îêòÿáðüñêèé Microsoft Security Bulletin
Microsoft Security Bulletin Summary for October 2009
Published: October 13, 2009
http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx
Microsoft Security Bulletin MS09-050 - MS09-062
Microsoft Windows: MS09-050 - MS09-053, MS09-055 - MS09-059
Microsoft Windows, Internet Explorer: MS09-054
Microsoft Office: MS09-060
Microsoft Windows, Microsoft .NET Framework, Microsoft Silverlight: MS09-061
Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Microsoft Office, Microsoft SQL Server, Microsoft Developer Tools, Microsoft Forefront: MS09-062
Ïðèìå÷àíèå: Äëÿ çàãðóçêè ïàò÷åé èñïîëüçóéòå ññûëêó íà ñòàòüþ áþëëåòåíÿ, èç êîòîðîé âûáèðàéòå ññûëêó íà çàãðóçêó ïðèìåíèòåëüíî ê âàøåé ÎÑ èëè êîìïîíåíòó.
Microsoft Security Bulletin MS09-050
Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517)
http://www.microsoft.com/technet/security/bulletin/ms09-050.mspx
Ïåðåïîëíåíèå èíäåêñà ìàññèâà â Microsoft Windows
Ìíîæåñòâåííûå óÿçâèìîñòè â SMBv2
http://www.securitylab.ru/vulnerability/384870.php
Rating: Critical
Îïèñàíèå:
Îòêàç ïðè ðàçáîðå SMB-çàïðîñà NEGOTIATE PROTOCOL REQUEST ïðîòîêîëà SMB2.
Îáíàðóæåííûå óÿçâèìîñòè ïîçâîëÿþò óäàëåííîìó ïîëüçîâàòåëþ âûçâàòü îòêàç â îáñëóæèâàíèè è ñêîìïðîìåòèðîâàòü öåëåâóþ ñèñòåìó.
1. Óÿçâèìîñòü ñóùåñòâóåò èç-çà îøèáêè èíäåêñèðîâàíèÿ ìàññèâà â äðàéâåðå ÿäðà srv2.sys. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî SMBv2 ïàêåòà âûçâàòü ïîâðåæäåíèå ïàìÿòè è âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
2. Óÿçâèìîñòü ñóùåñòâóåò èç-çà îøèáêè ïðè îáðàáîòêå âñåõ ïîëåé â SMBv2 ïàêåòàõ. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî SMBv2 ïàêåòà âûçâàòü çàöèêëèâàíèå ïðèëîæåíèÿ è âûçâàòü çàâèñàíèå ñèñòåìû.
3. Óÿçâèìîñòü ñóùåñòâóåò èç-çà îøèáêè â ðåàëèçàöèè Microsoft Server Message Block (SMB) ïðè èñïîëüçîâàíèè íåïîäòâåðæäåííîé êîïèè çíà÷åíèé êîìàíä. Óäàëåííûé íåàâòîðèçîâàííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî SMB Multi-Protocol Negotiate Request ïàêåòà âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
Affected Software:
• Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
• Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
• Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2 *
• Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2 *
• Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
Non-Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 2 and Windows XP Service Pack 3
• Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
• Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
• Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
• Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
• Windows 7 for 32-bit Systems
• Windows 7 for x64-based Systems
• Windows Server 2008 R2 for x64-based Systems
• Windows Server 2008 R2 for Itanium-based Systems
Microsoft Security Bulletin MS09-051
Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682)
http://www.microsoft.com/technet/security/bulletin/ms09-051.mspx
Ìíîæåñòâåííûå óÿçâèìîñòè â Windows Media Runtime
http://www.securitylab.ru/vulnerability/386525.php
Rating: Critical
Îïèñàíèå:
Îáíàðóæåííûå óÿçâèìîñòè ïîçâîëÿþò óäàëåííîìó ïîëüçîâàòåëþ ñêîìïðîìåòèðîâàòü öåëåâóþ ñèñòåìó.
1. Óÿçâèìîñòü ñóùåñòâóåò èç-çà îøèáêè ïðè îáðàáîòêå ASF ôàéëîâ, êîòîðûå èñïîëüçóþò Window Media Speech êîäåê â Windows Media Player. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî ìóëüòèìåäèéíîãî ôàéëà âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
2. Óÿçâèìîñòü ñóùåñòâóåò èç-çà òîãî, ÷òî Microsoft Windows Media Runtime íåêîððåêòíî èíèöèàëèçèðóåò íåêîòîðûå ôóíêöèè â ñæàòûõ àóäèî ôàéëàõ. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî àóäèî ôàéëà èëè ïîòîêîâûõ äàííûõ ñ Web ñàéòà âûçâàòü ïîâðåæäåíèå äèíàìè÷åñêîé ïàìÿòè è âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
Affected Software:
• Microsoft Windows 2000 Service Pack 4
• DirectShow WMA Voice Codec
• Windows Media Audio Voice Decoder
• Audio Compression Manager• Microsoft Windows XP Service Pack 2 and Windows XP Service Pack 3
• DirectShow WMA Voice Codec
• Windows Media Audio Voice Decoder
• Audio Compression Manager• Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
• DirectShow WMA Voice Codec
• Windows Media Audio Voice Decoder
• Audio Compression Manager• Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
• DirectShow WMA Voice Codec
• Windows Media Audio Voice Decoder
• Audio Compression Manager• Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
• DirectShow WMA Voice Codec
• Windows Media Audio Voice Decoder
• Audio Compression Manager• Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
• Windows Media Audio Voice Decoder• Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
• Windows Media Audio Voice Decoder• Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
• Windows Media Audio Voice Decoder• Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
• Windows Media Audio Voice Decoder
Non-Affected Software:
• Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
• Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
• Windows 7 for 32-bit Systems
• Windows 7 for x64-based Systems
• Windows Server 2008 R2 for x64-based Systems
• Windows Server 2008 R2 for Itanium-based Systems
Microsoft Security Bulletin MS09-052
Vulnerability in Windows Media Player Could Allow Remote Code Execution (974112)
http://www.microsoft.com/technet/security/bulletin/ms09-052.mspx
Âûïîëíåíèå ïðîèçâîëüíîãî êîäà â Windows Media Player
http://www.securitylab.ru/vulnerability/386527.php
Rating: Critical
Îïèñàíèå:
Óÿçâèìîñòü ïîçâîëÿåò óäàëåííîìó ïîëüçîâàòåëþ ñêîìïðîìåòèðîâàòü öåëåâóþ ñèñòåìó.
Óÿçâèìîñòü ñóùåñòâóåò èç-çà íåèçâåñòíîé îøèáêè ïðè îáðàáîòêå ASF ôàéëîâ. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî ASF ôàéëà âûçâàòü ïåðåïîëíåíèå äèíàìè÷åñêîé ïàìÿòè è âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 2 and Windows XP Service Pack 3
• Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
• Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
• Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
Non-Affected Software:
• Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
• Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
• Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
• Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2 *
• Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2 *
• Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
• Windows 7 for 32-bit Systems
• Windows 7 for x64-based Systems
• Windows Server 2008 R2 for x64-based Systems
• Windows Server 2008 R2 for Itanium-based Systems
Microsoft Security Bulletin MS09-053
Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254)
http://www.microsoft.com/technet/security/bulletin/MS09-053.mspx
Ïåðåïîëíåíèå áóôåðà â FTP-ñåðâåðå IIS Microsoft Windows
Rating: Important
Îïèñàíèå:
Ïåðåïîëíåíèå áóôåðà â êîìàíäå NLST. Òà æå îøèáêà ïðèâîäèò ê èñ÷åðïàíèþ ñòåêîâîé ïàìÿòè (ïåðåïîëíåíèþ ñòåêà) ïðè îòñóòñòâèè äîñòóïà íà çàïèñü ê êàòàëîãó.
Affected Software:
• IIS 5.0 (FTP Service 5.0)
• Microsoft Windows 2000 Service Pack 4• IIS 5.1 (FTP Service 5.1)
• Microsoft Windows XP Service Pack 2 and Windows XP Service Pack 3
• Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2• IIS 6.0 (FTP Service 6.0)
• Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
• Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
• Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems• IIS 7.0 (FTP Service 6.0)
• Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
• Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
• Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
• Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
• Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
Non-Affected Software:
• Microsoft Internet Information Services 7.0 (FTP Service 7.5*)
• Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
• Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
• Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
• Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
• Windows 7 for 32-bit Systems
• Windows 7 for x64-based Systems
• Windows Server 2008 R2 for x64-based Systems
• Windows Server 2008 R2 for Itanium-based Systems*Available as an out-of-box download. See entry in Frequently Asked Questions.
Microsoft Security Bulletin MS09-054
Cumulative Security Update for Internet Explorer (974455)
http://www.microsoft.com/technet/security/bulletin/ms09-054.mspx
Ìíîãî÷èñëåííûå óÿçâèìîñòè áåçîïàñíîñòè â Microsoft Internet Explorer
http://www.securitylab.ru/vulnerability/386539.php
Rating: Critical
Îïèñàíèå:
Îáíàðóæåííûå óÿçâèìîñòè ïîçâîëÿþò óäàëåííîìó ïîëüçîâàòåëþ ñêîìïðîìåòèðîâàòü öåëåâóþ ñèñòåìó.
1. Óÿçâèìîñòü ñóùåñòâóåò èç-çà íåèçâåñòíîé îøèáêè ïðè îáðàáîòêå çàãîëîâêîâ ïîòîêîâ äàííûõ â íåêîòîðûõ ñèòóàöèÿ. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî Web ñàéòà âûçâàòü ïîâðåæäåíèå ïàìÿòè è âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
2. Óÿçâèìîñòü ñóùåñòâóåò èç-çà íåèçâåñòíîé îøèáêè â HTML êîìïîíåíòå ïðè îáðàáîòêå àðãóìåíòà ïåðåìåííîé â îïðåäåëåííûõ ñèòóàöèÿõ. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî Web ñàéòà âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
3. Óÿçâèìîñòü ñóùåñòâóåò èç-çà îøèáêè ïðè êîïèðîâàíèè êîíñòðóêòîðà íåèçâåñòíîãî DOM îáúåêòà. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî Web ñàéòà âûçâàòü îøèáêó äâîéíîãî îñâîáîæäåíèÿ ïàìÿòè è âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
4. Óÿçâèìîñòü ñóùåñòâóåò èç-çà îøèáêè ïðè îáðàáîòêå äàííûõ î íåêîòîðûõ CSS ñòèëÿõ. Çëîóìûøëåííèê ìîæåò ñ ïîìîùüþ ðåæèìà çàïèñè ñòèëåé è êîìáèíàöèè îïðåäåëåííûõ HTML òåãîâ âûçâàòü ïîâðåæäåíèå ïàìÿòè è âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
Affected Software:
• Microsoft Internet Explorer 5.01 Service Pack 4, Microsoft Internet Explorer 6 Service Pack 1
• Microsoft Windows 2000 Service Pack 4
• Microsoft Internet Explorer 6
• Microsoft Windows XP Service Pack 2 and Microsoft Windows XP Service Pack 3
• Microsoft Windows XP Professional x64 Edition and Microsoft Windows XP Professional x64 Edition Service Pack 2
• Microsoft Windows Server 2003 Service Pack 1 and Microsoft Windows Server 2003 Service Pack 2
• Microsoft Windows Server 2003 with SP1 for Itanium-based Systems and Microsoft Windows Server 2003 with SP2 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition Service Pack 1 and Microsoft Windows Server 2003 x64 Edition Service Pack 2
• Windows Internet Explorer 7
• Microsoft Windows XP Service Pack 2 and Microsoft Windows XP Service Pack 3
• Microsoft Windows XP Professional x64 Edition and Microsoft Windows XP Professional x64 Edition Service Pack 2
• Microsoft Windows Server 2003 Service Pack 1 and Microsoft Windows Server 2003 Service Pack 2
• Microsoft Windows Server 2003 with SP1 for Itanium-based Systems and Microsoft Windows Server 2003 with SP2 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition Service Pack 1 and Microsoft Windows Server 2003 x64 Edition Service Pack 2
• Windows Vista Service Pack 2
• Windows Vista x64 Edition Service Pack 2
• Windows Server 2008 for 32-bit Systems
• Windows Server 2008 for x64-based Systems
• Windows Server 2008 for Itanium-based Systems
• Windows Internet Explorer 8
• Microsoft Windows XP Service Pack 2 and Microsoft Windows XP Service Pack 3
• Microsoft Windows XP Professional x64 Edition and Microsoft Windows XP Professional x64 Edition Service Pack 2
• Microsoft Windows Server 2003 Service Pack 1 and Microsoft Windows Server 2003 Service Pack 2
• Microsoft Windows Server 2003 x64 Edition Service Pack 1 and Microsoft Windows Server 2003 x64 Edition Service Pack 2
• Windows Vista Service Pack 2
• Windows Vista x64 Edition Service Pack 2
• Windows 7 for 32-bit Systems
• Windows 7 for x64-based Systems
• Windows Server 2008 for 32-bit Systems
• Windows Server 2008 for x64-based Systems
• Windows Server 2008 R2 for x64-based Systems
• Windows Server 2008 R2 for Itanium-based Systems
Microsoft Security Bulletin MS09-055
Cumulative Security Update of ActiveX Kill Bits (973525)
http://www.microsoft.com/technet/security/bulletin/ms09-055.mspx
Ìíîãî÷èñëåííûå óÿçâèìîñòè â áèáëèîòåêå Microsoft Active Template Library (ATL)
http://www.securitylab.ru/vulnerability/386542.php
http://www.securitylab.ru/vulnerability/383038.php
Rating: Critical
Îïèñàíèå:
Ïîâðåæäåíèÿ ïàìÿòè, óòå÷êà èíôîðìàöèè, ïðîáëåìà ñ èíèöèàëèçàöèåé, ïðèâîäÿùèå ê îáõîäó ïðîâåðêè kill-bit.
Óÿçâèìîñòü ñóùåñòâóåò èç-çà òîãî, ÷òî ðàçëè÷íûå ActiveX êîìïîíåíòû èñïîëüçóþò íåáåçîïàñíûì îáðàçîì óÿçâèìóþ ATL ôóíêöèþ OleLoadFromStream().
Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 2 and Windows XP Service Pack 3
• Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
• Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
• Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
• Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
• Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
• Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
• Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
• Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
• Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
• Windows 7 for 32-bit Systems
• Windows 7 for x64-based Systems
• Windows Server 2008 R2 for x64-based Systems
• Windows Server 2008 R2 for Itanium-based Systems
Microsoft Security Bulletin MS09-056
Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571)
http://www.microsoft.com/technet/security/bulletin/ms09-056.mspx
Ïîäìåíà ñåðòèôèêàòà â Microsoft CryptoAPI
http://www.securitylab.ru/vulnerability/386543.php
Rating: Important
Îïèñàíèå:
Ïîäìåíà èìåíè ñåðòèôèêàòà ñ ïîìîùüþ íóëåâîãî áàéòà.
Óÿçâèìîñòü ïîçâîëÿåò óäàëåííîìó ïîëüçîâàòåëþ ïðîèçâåñòè ñïóôèíã àòàêó.
1. Óÿçâèìîñòü ñóùåñòâóåò èç-çà îøèáêè ïðè îáðàáîòêå ASN.1 äàííûõ â X.509 ñåðòèôèêàòàõ. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ íóëåâîãî áàéòà â ïîëå Common Name ïîäìåíèòü äîâåðåííûé ñåðòèôèêàò.
2. Öåëî÷èñëåííîå ïåðåïîëíåíèå îáíàðóæåíî ïðè îáðàáîòêå èäåíòèôèêàòîðîâ ASN.1 îáúåêòîâ â X.509 ñåðòèôèêàòàõ. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî Object Identifiers (OID) ïîäìåíèòü äîâåðåííûé ñåðòèôèêàò.
Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 2 and Windows XP Service Pack 3
• Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
• Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
• Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
• Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
• Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
• Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
• Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
• Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
• Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
• Windows 7 for 32-bit Systems
• Windows 7 for x64-based Systems
• Windows Server 2008 R2 for x64-based Systems
• Windows Server 2008 R2 for Itanium-based Systems
Microsoft Security Bulletin MS09-057
Vulnerability in Indexing Service Could Allow Remote Code Execution (969059)
http://www.microsoft.com/technet/security/bulletin/ms09-057.mspx
Ïîâðåæäåíèå ïàìÿòè â ActiveX Microsoft Windows Indexing Service
http://www.securitylab.ru/vulnerability/386544.php
Rating: Important
Îïèñàíèå:
Óÿçâèìîñòü ïîçâîëÿåò óäàëåííîìó ïîëüçîâàòåëþ ñêîìïðîìåòèðîâàòü öåëåâóþ ñèñòåìó.
Óÿçâèìîñòü ñóùåñòâóåò èç-çà îøèáêè ïðè îáðàáîòêå ññûëîê â ActiveX êîìïîíåíòå, âõîäÿùåì â ñëóæáó èíäåêñèðîâàíèÿ. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî URL âûçâàòü ïîâðåæäåíèå ïàìÿòè è âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 2 and Windows XP Service Pack 3
• Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
• Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
• Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
• Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
Non-Affected Software:
• Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
• Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
• Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2 *
• Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2 *
• Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
• Windows 7 for 32-bit Systems
• Windows 7 for x64-based Systems
• Windows Server 2008 R2 for x64-based Systems
• Windows Server 2008 R2 for Itanium-based Systems
Microsoft Security Bulletin MS09-058
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486)
http://www.microsoft.com/technet/security/bulletin/ms09-058.mspx
Ìíîãî÷èñëåííûå óÿçâèìîñòè â ÿäðå Microsoft Windows
http://www.securitylab.ru/vulnerability/386545.php
Rating: Important
Îïèñàíèå:
Öåëî÷èñëåííîå ïåðåïîëíåíèå, îáðàùåíèå ïî íóëåâîìó àäðåñó, îøèáêè îáðàáîò÷èêà èñêëþ÷èòåëüíûõ ñèòóàöèé.
Îáíàðóæåííûå óÿçâèìîñòè ïîçâîëÿþò ëîêàëüíîìó ïîëüçîâàòåëþ âûçâàòü îòêàç â îáñëóæèâàíèè èëè ïîâûñèòü ñâîè ïðèâèëåãèè íà ñèñòåìå.
1. Óÿçâèìîñòü ñóùåñòâóåò èç-çà îøèáêè â ÿäðå Windows ïðè ïðåîáðàçîâàíèè 64-áèòíîãî çíà÷åíèÿ â 32-áèòíîå. Ëîêàëüíûé ïîëüçîâàòåëü ìîæåò âûçâàòü öåëî÷èñëåííîå ïåðåïîëíåíèå è âûïîëíèòü ïðîèçâîëüíûé êîä íà ñèñòåìå ñ ïîâûøåííûìè ïðèâèëåãèÿìè.
2. Óÿçâèìîñòü ñóùåñòâóåò èç-çà îøèáêè ðàçûìåíîâàíèÿ íóëåâîãî óêàçàòåëÿ â ÿäðå Windows ïðè îáðàáîòêå íåêîòîðûõ äàííûõ â èñïîëíÿåìûõ ôàéëàõ. Ëîêàëüíûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî ôàéëà âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå ñ ïîâûøåííûìè ïðèâèëåãèÿìè.
3. Óÿçâèìîñòü ñóùåñòâóåò èç-çà îøèáêè ïðè îáðàáîòêå èñêëþ÷åíèé â ÿäðå Windows. Ëîêàëüíûé ïîëüçîâàòåëü ìîæåò àâàðèéíî çàâåðøèòü ðàáîòó ñèñòåìû.
Affected Software:
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 2 and Windows XP Service Pack 3
• Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
• Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
• Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
• Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
• Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
• Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
• Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
• Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
• Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
Non-Affected Software:
• Windows 7 for 32-bit Systems
• Windows 7 for x64-based Systems
• Windows Server 2008 R2 for x64-based Systems
• Windows Server 2008 R2 for Itanium-based Systems
Microsoft Security Bulletin MS09-059
Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467)
http://www.microsoft.com/technet/security/bulletin/ms09-059.mspx
DoS ÷åðåç LSA ïðîòèâ Microsoft Windows
Öåëî÷èñëåííîå ïåðåïîëíåíèå â ñëóæáå LSASS â Microsoft Windows
http://www.securitylab.ru/vulnerability/386546.php
Rating: Important
Îïèñàíèå:
Îòêàç ïðè ðàçáîðå àóòåíòèôèêàöèè NTLM
Óÿçâèìîñòü ïîçâîëÿåò óäàëåííîìó ïîëüçîâàòåëþ ïðîèçâåñòè DoS àòàêó.
Öåëî÷èñëåííîå ïåðåïîëíåíèå ñóùåñòâóåò èç-çà îøèáêè â ðåàëèçàöèè NTLM ïðè îáðàáîòêå ïàêåòîâ â ïðîöåññå àóòåíòèôèêàöèè â ñëóæáå Local Security Authority Subsystem Service (LSASS). Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî àóòåíòèôèêàöèîííîãî NTLM ôðåéìà àâàðèéíî çàâåðøèòü ðàáîòó ñëóæáû è âûçâàòü ïåðåçàãðóçêó ñèñòåìû.
Affected Software:
• Microsoft Windows XP Service Pack 2 and Windows XP Service Pack 3
• Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
• Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
• Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
• Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
• Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
• Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
• Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
• Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
• Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
• Windows 7 for 32-bit Systems
• Windows 7 for x64-based Systems
• Windows Server 2008 R2 for x64-based Systems
• Windows Server 2008 R2 for Itanium-based Systems
Non-Affected Software:
• Microsoft Windows 2000 Service Pack 4
Microsoft Security Bulletin MS09-060
Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (973965)
http://www.microsoft.com/technet/security/bulletin/ms09-060.mspx
Óÿçâèìîñòè â áèáëèîòåêå Microsoft Active Template Library (ATL)
http://www.securitylab.ru/vulnerability/386547.php
http://www.securitylab.ru/vulnerability/383038.php
Rating: Critical
Îïèñàíèå:
Îáíàðóæåííûå óÿçâèìîñòè ïîçâîëÿþò óäàëåííîìó ïîëüçîâàòåëþ îáîéòè íåêîòîðûå îãðàíè÷åíèÿ áåçîïàñíîñòè, ïîëó÷èòü äîñòóï ê âàæíûì äàííûì è ñêîìïðîìåòèðîâàòü öåëåâóþ ñèñòåìó.
Óÿçâèìîñòè ñóùåñòâóþò èç-çà èñïîëüçîâàíèÿ óÿçâèìîé âåðñèè áèáëèîòåêè Active Template Library (ATL).
Affected Software:
• Office Suite and Other Software
• Microsoft Outlook 2002 Service Pack 3
• Microsoft Office Outlook 2003 Service Pack 3
• Microsoft Office Outlook 2007 Service Pack 1 and Microsoft Office Outlook 2007 Service Pack 2• Other Office Software
• Microsoft Visio 2002 Viewer*
• Microsoft Office Visio 2003 Viewer*
• Microsoft Office Visio Viewer 2007, Microsoft Office Visio Viewer 2007 Service Pack 1, and Microsoft Office Visio Viewer 2007 Service Pack 2*Microsoft recommends that users of Microsoft Visio Viewer 2002 and Microsoft Visio Viewer 2003 upgrade to Microsoft Office Visio Viewer 2007 Service Pack 2.
Microsoft Security Bulletin MS09-061
Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378)
http://www.microsoft.com/technet/security/bulletin/MS09-061.mspx
Ìíîãî÷èñëåííûå óÿçâèìîñòè áåçîïàñíîñòè â Microsoft .Net
http://www.securitylab.ru/vulnerability/386549.php
Âûïîëíåíèå ïðîèçâîëüíîãî êîäà â Microsoft Silverlight
http://www.securitylab.ru/vulnerability/386551.php
Rating: Critical
Îïèñàíèå:
Ìíîãî÷èñëåííûå óÿçâèìîñòè ïîçâîëÿþò âûõîä èç îãðàíè÷åííîé ñðåäû.
Îáíàðóæåííûå óÿçâèìîñòè ïîçâîëÿþò óäàëåííîìó ïîëüçîâàòåëþ ñêîìïðîìåòèðîâàòü öåëåâóþ ñèñòåìó.
1. Óÿçâèìîñòü ñóùåñòâóåò èç-çà íåèçâåñòíîé îøèáêè, êîòîðàÿ ïîçâîëÿåò çàïîëó÷èòü óïðàâëÿåìûé óêàçàòåëü íà ïàìÿòü â ñòåêå. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî ASP .NET ïðèëîæåíèÿ èëè XBAP (XAML ïðèëîæåíèÿ) âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
2. Óÿçâèìîñòü ñóùåñòâóåò èç-çà îøèáêè ïðîâåðêè ïîäëèííîñòè Microsoft .NET êîäà. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî ASP .NET èëè XBAP ïðèëîæåíèÿ îáîéòè ìåõàíèçì ïðîâåðêè è âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
3. Óÿçâèìîñòü ñóùåñòâóåò èç-çà îøèáêè â Microsoft .NET Common Language Runtime (CLR) ïðè îáðàáîòêå èíòåðôåéñîâ. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî ASP .NET èëè XBAP ïðèëîæåíèÿ âûçâàòü ïîâðåæäåíèå ïàìÿòè è âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
Affected Software:
• Microsoft .NET Framework 1.1 Service Pack 1
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 2 and Windows XP Service Pack 3
• Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
• Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
• Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
• Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
• Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
• Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
• Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
• Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
• Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
• Windows 7 for 32-bit Systems
• Windows 7 for x64-based Systems
• Windows Server 2008 R2 for x64-based Systems
• Windows Server 2008 R2 for Itanium-based Systems
• Microsoft .NET Framework 2.0 Service Pack 1
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 2 and Windows XP Service Pack 3
• Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
• Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
• Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
• Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
• Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
• Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
• Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
• Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
• Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
• Microsoft Silverlight 2
Non-Affected Software:
• Microsoft .NET Framework 3.0
• Microsoft .NET Framework 3.0 Service Pack 1
• Microsoft .NET Framework 3.0 Service Pack 2
• Microsoft .NET Framework 3.5 Service Pack 1
• Microsoft .NET Framework 3.5.1
• Microsoft Silverlight 3
Microsoft Security Bulletin MS09-062
Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488)
http://www.microsoft.com/technet/security/bulletin/ms09-062.mspx
Ìíîãî÷èñëåííûå óÿçâèìîñòè áåçîïàñíîñòè â Microsoft GDI+
http://www.securitylab.ru/vulnerability/386557.php
Rating: Critical
Îïèñàíèå:
Ìíîãî÷èñëåííûå óÿçâèìîñòè ïðè ðàçáîðå WMF, PNG, TIFF, BMP è äð.
Îáíàðóæåííûå óÿçâèìîñòè ïîçâîëÿþò óäàëåííîìó ïîëüçîâàòåëþ ñêîìïðîìåòèðîâàòü öåëåâóþ ñèñòåìó.
1. Öåëî÷èñëåííîå ïåðåïîëíåíèå îáíàðóæåíî ïðè îáðàáîòêå êîëè÷åñòâà öâåòîâ, èñïîëüçóåìûõ â bitmap èçîáðàæåíèè. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî bitmap èçîáðàæåíèÿ âûçâàòü ïåðåïîëíåíèå äèíàìè÷åñêîé ïàìÿòè è âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
2. Öåëî÷èñëåííîå ïåðåïîëíåíèå îáíàðóæåíî ïðè îáðàáîòêå WMF ôàéëîâ. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî WMF ôàéëà âûçâàòü ïåðåïîëíåíèå äèíàìè÷åñêîé ïàìÿòè è âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
3. Óÿçâèìîñòü ñóùåñòâóåò èç-çà îøèáêè ïðîâåðêè ãðàíèö äàííûõ ïðè îáðàáîòêå PNG ôàéëîâ. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî PNG ôàéëà âûçâàòü ïåðåïîëíåíèå äèíàìè÷åñêîé ïàìÿòè è âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
4. Óÿçâèìîñòü ñóùåñòâóåò èç-çà îøèáêè ïðîâåðêè ãðàíèö äàííûõ ïðè îáðàáîòêå BitsPerSample òåãà â TIFF ôàéëàõ. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî TIFF ôàéëà âûçâàòü ïåðåïîëíåíèå áóôåðà è âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
5. Óÿçâèìîñòü ñóùåñòâóåò èç-çà îøèáêè ïðè îáðàáîòêå graphic control ðàñøèðåíèé â TIFF ôàéëàõ. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî TIFF ôàéëà âûçâàòü ïîâðåæäåíèå ïàìÿòè è âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
6. Öåëî÷èñëåííîå ïåðåïîëíåíèå îáíàðóæåíî â íåêîòîðûõ GDI+ API. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî .NET Framework ïðèëîæåíèÿ âûçâàòü ïåðåïîëíåíèå áóôåðà è âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
7. Öåëî÷èñëåííîå ïåðåïîëíåíèå îáíàðóæåíî ïðè îáðàáîòêå PNG ôàéëîâ. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî PNG ôàéëà âûçâàòü ïåðåïîëíåíèå áóôåðà è âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
8. Óÿçâèìîñòü ñóùåñòâóåò èç-çà îøèáêè ïðè îáðàáîòêå òèïîâ msofbtOPT Office Drawing çàïèñåé, ñîäåðæàùèõ îïðåäåëåííûå èäåíòèôèêàòîðû ñâîéñòâ. Óäàëåííûé ïîëüçîâàòåëü ìîæåò ñ ïîìîùüþ ñïåöèàëüíî ñôîðìèðîâàííîãî äîêóìåíòà Office âûçâàòü ïîâðåæäåíèå ïàìÿòè è âûïîëíèòü ïðîèçâîëüíûé êîä íà öåëåâîé ñèñòåìå.
Affected Software:
• Operating System
• Microsoft Windows XP Service Pack 2 and Windows XP Service Pack 3
• Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
• Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
• Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
• Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
• Windows Vista, Windows Vista Service Pack 1
• Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1
• Windows Server 2008 for 32-bit Systems
• Windows Server 2008 for x64-based Systems
• Windows Server 2008 for Itanium-based Systems
• Microsoft Internet Explorer 6 Service Pack 1
• Microsoft .NET Framework 1.1 Service Pack 1
• Microsoft .NET Framework 2.0 Service Pack 2
• Microsoft Office
• Microsoft Office XP Service Pack 3
• Microsoft Office 2003 Service Pack 3
• 2007 Microsoft Office System Service Pack 1
• 2007 Microsoft Office System Service Pack 2
• Microsoft Office Project 2002 Service Pack 1
• Microsoft Office Visio 2002 Service Pack 2
• Microsoft Office Word Viewer, Microsoft Word Viewer 2003, Microsoft Word Viewer 2003 Service Pack 3, Microsoft Office Excel Viewer 2003, Microsoft Office Excel Viewer 2003 Service Pack 3
• Microsoft Office Excel Viewer, PowerPoint Viewer 2007, PowerPoint Viewer 2007 Service Pack 1
• PowerPoint Viewer 2007 Service Pack 2
• Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1
• Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2
• Microsoft Expression Web and Microsoft Expression Web 2
Microsoft Office Groove 2007 and Microsoft Office Groove 2007 Service Pack 1
• Microsoft Works 8.5
• Microsoft SQL Server
• SQL Server 2000 Reporting Services Service Pack 2
• SQL Server 2005 Service Pack 2
• SQL Server 2005 x64 Edition Service Pack 2
• SQL Server 2005 for Itanium-based Systems Service Pack 2
• SQL Server 2005 Service Pack 3
• SQL Server 2005 x64 Edition Service Pack 3
• SQL Server 2005 for Itanium-based Systems Service Pack 3
• Developer Tools
• Microsoft Visual Studio .NET 2003 Service Pack 1
• Microsoft Visual Studio 2005 Service Pack 1
• Microsoft Visual Studio 2008
• Microsoft Visual Studio 2008 Service Pack 1
• Microsoft Report Viewer 2005 Service Pack 1 Redistributable Package
• Microsoft Report Viewer 2008 Redistributable Package
• Microsoft Report Viewer 2008 Redistributable Package Service Pack 1
• Microsoft Visual FoxPro 8.0 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4
• Microsoft Visual FoxPro 9.0 Service Pack 2 when installed on Microsoft Windows 2000 Service Pack 4
• Microsoft Platform SDK Redistributable: GDI+
• Microsoft Forefront Client Security 1.0 when installed on Microsoft Windows 2000 Service Pack 4
vBulletin® v4.2.5, Copyright ©2000-2025, Jelsoft Enterprises Ltd. Ïåðåâîä: zCarot