Severity Rating: Important – Revision Note: V1.1 (December 9, 2009): Corrected the SMS 2.0 and SMS 2003 with SUIT entries for Windows Server 2003 x64 Edition Service Pack 2 in the SMS table. This is an information change only.Summary: This security update resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if an attacker sent a specially crafted HTTP request to an ADFS-enabled Web server.

MS09-070 – Important: Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726) – Version:1.1

Related posts

• MS09-054 – Critical: Cumulative Security Update for Internet Explorer (974455) – Version:1.1 (0)
• MS09-051 – Critical: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682) – Version:1.1 (0)
• MS09-051 – Critical: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682) – Version:1.0 (0)
• MS09-045 – Critical: Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution (971961) – Version:1.1 (0)
• MS08-078 – Critical: Security Update for Internet Explorer (960714) – Version:1.1 (0)