9 Security Bulletins were released – 5 Critical and 4 Important
We have not uncovered any widespread problems with any of these patches and are releasing all of them.
MS12-060 and MS12-054 are the top priority this month. After your next patch cycle completes you should follow up and make sure these are installed. Exchange Server administrators will want follow up on MS12-058. MS12-053 is an RDP vulnerability but only applies to XP and only machines with this enabled are at risk.
No out-of-band updates were released during the last month.
Noteworthy Patch News
“Microsoft Security Advisory – Update For Minimum Certificate Key Length”
Update restricts the use of certificates with RSA keys less than 1024 bits in length. This update will not be released via Windows Update until October 2012 but is available now so system administrators can install and test.
This Month In Brief
- Publically disclosed: None
- Being exploited: MS12-060
- Rated CRITICAL: MS12-052, MS12-053, MS12-054, MS12-058, MS12-060
- (The Severity Rating System: http://technet.microsoft.com/en-us/security/bulletin/rating )
- Servers: Yes
- Workstations: Yes
Known Issues per Microsoft
New Security Bulletins
|MS12-052:(Internet Explorer)||The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.|
|MS12-053:(RDP)||The vulnerability could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system.|
|MS12-054:(Windows Networking)||The most severe of these vulnerabilities could allow remote code execution if an attacker sends a specially crafted response to a Windows print spooler request.|
|MS12-058:(Exchange)||The vulnerabilities could allow remote code execution in the security context of the transcoding service on the Exchange server if a user previews a specially crafted file using Outlook Web App (OWA).|
|MS12-060:(Windows Common Controls)||The vulnerability could allow remote code execution if a user visits a website containing specially crafted content designed to exploit the vulnerability.|
|MS12-055:(Windows kernel-mode drivers)||The vulnerability could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application.|
|MS12-056:(JScript and VBScript Scripting Engine)||The vulnerability could allow remote code execution if a user visited a specially crafted website.|
|MS12-057:(Office)||The vulnerability could allow remote code execution if a user opens a specially crafted file or embeds a specially crafted Computer Graphics Metafile (CGM) graphics file into an Office file.|
|MS12-059:(Visio)||The vulnerability could allow remote code execution if a user opens a specially crafted Visio file.|