14 DAY TRIAL // In addition to releasing patches via Windows Update, Microsoft Update and WSUS, Microsoft is also making available a package with its monthly security updates for the various supported releases of the Windows operating system through the Download Center. The February 2009 Security Release ISO Image contains all the security bulletins dropped on February 10, 2009, offered as a DVD5 ISO image designed to streamline deployment of patches in IT infrastructures that lack the automation delivered by Windows Server Update Services. In this context, the February 2009 Security Release ISO Image brings to the table only the multiple individual language versions of each security update released on February 10, but only for Windows.
"The vendor is releasing four bulletins covering a total of eight vulnerabilities,” revealed Symantec's Robert Keith. “Of those, three are “Critical” issues affecting Exchange Server and Internet Explorer. We haven’t seen email-based attacks in a while, but the first Exchange Server issue is exactly that. To exploit the issue, an attacker only needs to send an email with a specially crafted attachment and entice an unsuspecting victim into opening the email. The other Exchange issue, rated “Important,” can be remotely exploited to cause an affected server to crash. This could have a significant impact on enterprise users. We've noticed what appears to be a trend regarding Internet Explorer. The vendor has released a cumulative security bulletin for that product every other month for the past 18 months. The remaining issues, all rated “Important,” affect Visio and SQL Server.”
Essentially, the February 2009 Security Release ISO Image offers a single security bulletin. MS09-004, deals with a single Microsoft SQL Server vulnerability rated as Important. The SQL Server sp_replwritetovarbin Limited Memory Overwrite vulnerability does not affect SQL Server 7.0 Service Pack 4, SQL Server 2005 Service Pack 3, and SQL Server 2008, Microsoft informed. “This security update is rated Important for supported releases of SQL Server 2000, SQL Server 2005 Service Pack 2, Microsoft SQL Server 2000 Desktop Engine (MSDE 2000), SQL Server 2005 Express Edition, Microsoft SQL Server 2000 Desktop Engine (WMSDE), and Windows Internal Database (Wyukon),” the software company added.
February 2009 Security Release ISO Image is available for download here.