Severity Rating: Important – Revision Note: V1.1 (December 9, 2009): Corrected the SMS 2.0 and SMS 2003 with SUIT entries for Windows Server 2003 x64 Edition Service Pack 2 in the SMS table. This is an information change only.Summary: This security update resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if an attacker sent a specially crafted HTTP request to an ADFS-enabled Web server.

MS09-070 – Important: Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726) – Version:1.1

Related posts

• MS10-048 – Important: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2160329) – Version:1.0 (0)
• MS10-046 – Critical: Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198) – Version:1.0 (0)
• MS10-026 – Critical: Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (977816) – Version:1.1 (0)
• MS10-024 – Important: Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832) – Version:2.0 (0)
• MS10-005 – Moderate: Vulnerability in Microsoft Paint Could Allow Remote Code Execution (978706) – Version:1.1 (0)