We have not uncovered any widespread problems with any of these patches and are releasing all of them.
MS12-043, MS12-044 and MS12-045 are all rated “Critical”.
MS12-043 (XML core services bug) is the most important patch this month. It is both publicly disclosed and being exploited. Make sure this one gets installed.
Microsoft’s risk assessment warns that MS12-044 and MS12-045 are “Likely to see reliable exploits developed within next 30 days” However MS12-044 only affects IE 9.
No out-of-band updates were released during the last month.
Side Note: All 3 critical patches “could allow remote code execution if a user views a specially crafted webpage” Here is a Microsoft link to “Six tips to help you stay safer online” It’s pretty generic advice we all know but it might be worth sending out to your clients (or using as an outline for something you write) as a reminder that the internet is a dangerous place. You can remind them you already take care of the first tip “Keep all software (including your web browser) current”.
http://www.microsoft.com/security/family-safety/online-safety-tips.aspx
9 Security Bulletins were released
Exploitability
Publically disclosed: MS12-043,MS12-046,MS12-047,MS12-049,MS12-050,MS12-051
Being exploited: MS12-043,MS12-046
Rated CRITICAL: MS12-043,MS12-044,MS12-045
(The Severity Rating System: http://technet.microsoft.com/en-us/security/bulletin/rating )
Requires Restart
Servers: Yes
Workstations: Yes
Know Issues per Microsoft
MS12-050
Security Bulletins
(MS#/Affected Software/Type)
CRITICAL
MS12-043:(XML Core Services) The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
MS12-044:(Internet Explorer) The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
MS12-045:(MDAC) The vulnerability could allow remote code execution if a user views a specially crafted webpage.
IMPORTANT
MS12-046:(Visual Basic for Applications) The vulnerability could allow remote code execution if a user opens a legitimate Microsoft Office file (such as a .docx file) that is located in the same directory as a specially crafted dynamic link library (DLL) file.
MS12-047:(Windows Kernel-Mode Drivers) The vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application.
MS12-048:(Windows Shell) The vulnerability could allow remote code execution if a user opens a file or directory with a specially crafted name.
MS12-049:(TLS) The vulnerability could allow information disclosure if an attacker intercepts encrypted web traffic served from an affected system.
MS12-050:(Sharepoint) The most severe vulnerabilities could allow elevation of privilege if a user clicks a specially crafted URL that takes the user to a targeted SharePoint site.
MS12-051:(Office) The vulnerability could allow elevation of privilege if a malicious executable is placed on an affected system by an attacker, and then another user logs on later and runs the malicious executable.
Details and Links
MS12-043: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2722479)
http://technet.microsoft.com/en-us/security/bulletin/ms12-043
Severity: Critical
KB in Kaseya: KB2719985,KB2721691,KB2721693
Affected Software: XP, Vista, Office 2003, Office 2007, Word Viewer,Office Sharepoint Server 2007, Server 2003, Office Compatability Pack, Server 2008, Expression Web, Groove Server 2007, Server 2008 R2, Windows 7, SharePoint Server 2007
Known Issues per MS: None
MS12-044: Cumulative Security Update for Internet Explorer (2719177)
http://technet.microsoft.com/en-us/security/bulletin/ms12-044
Severity: Critical
KB in Kaseya: KB2719177
Affected Software: Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7
Known Issues per MS: None
MS12-045: Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (2698365)
http://technet.microsoft.com/en-us/security/bulletin/ms12-045
Severity: Critical
KB in Kaseya: KB2698365,KB2596744
Affected Software: XP, Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7
Known Issues per MS: None
MS12-046: Vulnerability in Visual Basic for Applications Could Allow Remote Code Execution (2707960)
http://technet.microsoft.com/en-us/security/bulletin/ms12-046
Severity: Important
KB in Kaseya: KB2553447,KB2596744,KB2598243,KB2598361
Affected Software: Office 2003, Office 2007, Office 2010, Visual Basic for Applications
Known Issues per MS: None
MS12-047: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2718523)
http://technet.microsoft.com/en-us/security/bulletin/ms12-047
Severity: Important
KB in Kaseya: KB2718523
Affected Software: XP, Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7
Known Issues per MS: None
MS12-048: Vulnerability in Windows Shell Could Allow Remote Code Execution (2691442)
http://technet.microsoft.com/en-us/security/bulletin/ms12-048
Severity: Important
KB in Kaseya: KB2691442
Affected Software: XP, Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7
Known Issues per MS: None
MS12-049: Vulnerability in TLS Could Allow Information Disclosure (2655992)
http://technet.microsoft.com/en-us/security/bulletin/ms12-049
Severity: Important
KB in Kaseya: KB2655992
Affected Software: XP, Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7
Known Issues per MS: None
MS12-050: Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2695502)
http://technet.microsoft.com/en-us/security/bulletin/ms12-050
Severity: Important
KB in Kaseya: KB2553194, KB2553322, KB2553365, KB2553424, KB2553431, KB2589325, KB2596663, KB2596666, KB2596786, KB2596911, KB2596942
Affected Software: SharePoint Services 3.0, SharePoint Foundation 2010, SharePoint Server 2007, Groove Server 2010, Office Web Apps 2010, SharePoint Server 2010, InfoPath 2010, InfoPath 2007
Known Issues per MS: http://support.microsoft.com/kb/2695502
MS12-051: Vulnerability in Microsoft Office for Mac Could Allow Elevation of Privilege (2721015)
http://technet.microsoft.com/en-us/security/bulletin/ms12-051
Severity: Important
KB in Kaseya: KB2721015
Affected Software: Office 2011 for MAC
Known Issues per MS: None
