We have not uncovered any widespread problems with any of these patches and are releasing all of them.
MS12-036 is rated Critical and is a vulnerability in Remote Desktop. After your next patch cycle completes you should follow up and make sure this is installed. This is an RDP vulnerability and only machines with RDP enabled are at risk, however, the patch will be installed on all systems whether RDP is currently enabled or not. Microsoft considers a successful exploit very likely within the next 30 days.
The intriguing news this month was an update Microsoft released on June 3 (KB2718704) to address Flame malware (W32.Flamer). Kaspersky first identified it and has since commented “the geography of the targets and also the complexity of the threat leaves no doubt about it being a nation-state that sponsored the research that went into it”. Although the vulnerability was not easy to exploit it was receiving a lot of press and Microsoft felt it needed to act a quickly as possible. Technically this was not a out-of-band security patch as it was classified as a “Critical Update (High Priority)” Here is a Microsoft blog posted the day of the release: http://blogs.technet.com/b/msrc/archive/2012/06/03/microsoft-releases-security-advisory-2718704.aspx Here are some of the “juicy” details about Flame: http://www.informationweek.com/news/security/management/240001763
No out-of-band updates were released during the last month.
7 Security Bulletins were released
Exploitability
Publically disclosed: MS12-037,MS12-039,MS12-042
Being exploited: None
Rated CRITICAL: MS12-036, MS12-037, MS12-038
(The Severity Rating System: http://technet.microsoft.com/en-us/security/bulletin/rating )
Requires Restart
Servers: Yes
Workstations: Yes
Know Issues per Microsoft
MS12-039, MS12-040
Security Bulletins
(MS#/Affected Software/Type)
CRITICAL
MS12-036: (Remote Desktop) The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
MS12-037: (Internet Explorer) The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
MS12-038:(.Net Framework) The vulnerability could allow remote code execution on a client system if a user views a specially crafted webpage using a web browser that can run XAML Browser Applications (XBAPs).
IMPORTANT
MS12-039: (Lync) The most severe vulnerabilities could allow remote code execution if a user views shared content that contains specially crafted TrueType fonts.
MS12-040: (Dynamics AX) The vulnerability could allow elevation of privilege if a user clicks a specially crafted URL or visits a specially crafted website.
MS12-041: (Windows kernel mode drivers) The vulnerabilities could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application.
MS12-042: (Windows) The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that exploits the vulnerability.
Details and Links
MS12-036: Vulnerability in Remote Desktop Could Allow Remote Code Execution (2685939)
http://technet.microsoft.com/en-us/security/bulletin/ms12-036
Severity: Critical
KB in Kaseya: KB2685939
Affected Software: XP, Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7
Known Issues per MS: None
MS12-037: Cumulative Security Update for Internet Explorer (2699988)
http://technet.microsoft.com/en-us/security/bulletin/ms12-037
Severity: Critical
KB in Kaseya: KB2699988
Affected Software: XP, Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7
Known Issues per MS: None
MS12-038: Vulnerability in .NET Framework Could Allow Remote Code Execution (2706726)
http://technet.microsoft.com/en-us/security/bulletin/ms12-038
Severity: Critical
KB in Kaseya: KB2686827,KB2686828,KB2686830,KB2686831,KB2686833
Affected Software: XP, Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7
Known Issues per MS: None
MS12-039: Vulnerabilities in Lync Could Allow Remote Code Execution (2707956)
http://technet.microsoft.com/en-us/security/bulletin/ms12-039
Severity: Important
KB in Kaseya: KB2596744,KB2598361,KB2693282,KB2708980
Affected Software: Lync 2010,Communicator 2007 R2
Known Issues per MS: http://support.microsoft.com/kb/2707956
MS12-040: Vulnerability in Microsoft Dynamics AX Enterprise Portal Could Allow Elevation of Privilege (2709100)
http://technet.microsoft.com/en-us/security/bulletin/ms12-040
Severity: Important
KB in Kaseya: KB2706738,KB2710639,KB2711239
Affected Software: Dynamics AX 2012
Known Issues per MS: http://support.microsoft.com/kb/2709100
MS12-041: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2709162)
http://technet.microsoft.com/en-us/security/bulletin/ms12-041
Severity: Important
KB in Kaseya: KB2709162
Affected Software: XP, Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7
Known Issues per MS: None
MS12-042: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2711167)
http://technet.microsoft.com/en-us/security/bulletin/ms12-042
Severity: Important
KB in Kaseya: KB2707511,KB2709715
Affected Software: XP, Server 2003,Server 2008 R2, Windows 7
Known Issues per MS: None
