KB974926
Credential Relaying Attacks on Integrated Windows Authentication
Published: December 08, 2009
This advisory addresses the potential for attacks that affect the handling of credentials using Integrated Windows Authentication (IWA), and the mechanisms Microsoft has made available for customers to help protect against these attacks.
http://www.microsoft.com/technet/security/advisory/974926.mspx
KB954157
Security Enhancements for the Indeo Codec
Published: December 08, 2009
Microsoft is announcing the availability of an update that provides security mitigations to the Indeo codec on supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003.
http://www.microsoft.com/technet/security/advisory/954157.mspx
KB977981
Vulnerability in Internet Explorer Could Allow Remote Code Execution
Published: November 23, 2009 | Updated: December 08, 2009
Microsoft has completed investigating public reports of this vulnerability. We have issued Microsoft Security Bulletin MS09-072 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-072. The vulnerability addressed is the HTML Object Memory Corruption Vulnerability – CVE-2009-3672.
http://www.microsoft.com/technet/security/advisory/977981.mspx
Microsoft Security Advisories, a supplement to the Microsoft Security Bulletins, address security changes that may not require a security bulletin but that may still affect customers’ overall security.
http://www.microsoft.com/technet/security/advisory/default.mspx
