Computing Facilities    links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
Advanced search tips 
 » Introduction to Facilities 
 » Accounts & passwords 
 » AFS 
 » Application software 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Web publishing 
 » Your health 
 » Mac support 
 » Linux support 
 » Windows PC support 

Critical Microsoft Office security updates

June 12, 2009

Microsoft released new patches for critical Windows and Microsoft Office vulnerabilities on June 9, 2009. Also, Adobe released critical patches for Adobe Acrobat and Adobe Reader software.

* All Windows PCs must be patched. *

To patch your PC:

Click on the update icon on the taskbar (it is a globe or yellow shield with an exclamation point, depending on which version of Windows you're running).

If you do not have such an icon, run Windows Update by going to the site:

All Office 2000 users should also go to the site:

After patching, you must reboot your PC in order for the patches to take effect.

All users of Adobe Reader or Adobe Acrobat, both on Windows and Macs, must patch. To do so, open Adobe Reader or Adobe Acrobat and select:

Help > Check for Updates.

Follow the given instructions to download and install updates for your Adobe products. Note: Adobe Reader/Acrobat on Unix platforms also have known security vulnerabilities. However, patches for Unix platforms will only be available beginning June 16.

If you are using Microsoft Office 2004 or Office 2008 on a Macintosh, use Microsoft AutoUpdate for Mac, which comes with Office, to check for updates or visit the Macintosh Office download page to get the latest updates:

If you will be manually installing updates, check the "system requirements" section on the download page to make sure that previous required updates have been installed.

This month's Microsoft patches also include patches for a previously announced IIS 5/IIS 6 WebDav vulnerability. If you are running an IIS 5/6 server, see the URL below for information about this patch:

If you are running Active Directory Application Mode (ADAM) or Active Directory on Windows Server 2003 or Windows 2000 Server, see the URL below for a critical patch for these services:

Please contact or call the SCS Help Desk (x8-4231) if you have questions or problems with applying these patches.

Thank you for your attention,

SCS Help Desk