Microsoft patches critical hole in Windows, Windows Server and Microsoft Office products
Microsoft released six security bulletins addressing a total of 15 vulnerabilities. Four affect Windows and Windows Server and two affect Microsoft Office products (Excel and Word), including a critical patch for holes in the Windows kernel and other Windows and Office components that could allow an attacker to take control of a computer. The critical bulletin affecting the Kernel-Mode Drivers was publicly disclosed and could be used to create a Web page with malware designed to exploit the hole on systems that visit the page, Microsoft said. To better demonstrate affected products and important aspects of MS09-065, included a more detailed overview slide (below #2).
Adrian Stone and Jerry Bryant from MSRC and give a brief overview of MS09-063, MS09-064 and MS09-065 bulletin release in video below, more info here:
Administrators should be very careful when installing MS09-065 on Windows XP Pro machines. It could prohibit RDP sessions and cause the machine to freeze when you try to log on remotely. This happened on my test machine. When I uninstalled the update, RDP worked fine. Test this update thoroughly.