Posted by: Brian R. Kneebone
Technology Consultant, Imaging and Printing Group

I was listening to one of my security podcasts while driving back in the car from a customer appointment and the podcaster mentioned a series of critical MS updates for most of its operating systems had been posted on the latest patch-Tuesday.  The full summary is available here:

http://www.microsoft.com/technet/security/bulletin/ms09-jun.mspx

Updates to prevent remote code execution are available for IIS, Desktop Search, etc. but the one that caught my attention was for the Windows spooler.  Security updates are not anything new and I would imagine most of our enterprise customers would address this via standard desktop management.  But I figured I'd share the information for print administrators given the spooler is being patched just in case there are print admins who like to stay in-the-know.  In my case this was helpful since I run a number of test/demo systems with my colleagues outside of the standard desktop management infrastructure.  I'd have definitely done the updates anyways, but I found the update helpful to re-remind me to get ontop of this.

Microsoft Security Bulletin MS09-022 - Critical
Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501)
http://www.microsoft.com/technet/security/Bulletin/MS09-022.mspx

FYI - I read through the related KB article (http://support.microsoft.com/kb/961501) and there does not appear to be any changes to UniDrv.dll or Pscript5.dll or their related files.  I make this point because many print administrators are sensitive to these changes given impacts on driver settings, length of time spoolers take to update, etc.  That said, I haven't done super thorough testing but wouldn't expect there to be any surprises.

Take care, B.