Skip to content

Virtual Administrator’s May 2012 Patch Recommendations

Virtual Administrator’s May 2012 Patch Recommendations

We have not uncovered any widespread problems with any of these patches and are releasing all of them.

A number of MS Office vulnerabilities addressed this month.   If you have machines with Office Word 2007 deployed, installing MS12-029 is the top priority.  After that MS12-034 is the most concerning vulnerability.  MS12-034 fixes code targeted by Duqu Trojan.

No out-of-band updates were released during the last month.

7 Security Bulletins were released

Exploitability

Publically disclosed: MS12-030, MS12-032, MS12-034

Being exploited:  None

Rated CRITICAL: MS12-029, MS12-034, MS12-035

(The Severity Rating System: http://technet.microsoft.com/en-us/security/bulletin/rating )

 

Requires Restart

Servers: Yes for Server 2008,Server 2008 R2

Workstations: Yes for Vista, Windows 7

 

Know Issues per Microsoft

None

 

Security Bulletins

(MS#/Affected Software/Type)

 

CRITICAL

 

MS12-029:(Office Word) The vulnerability could allow remote code execution if a user opens a specially crafted RTF file.

 

MS12-034:(Windows, Office, ,Net, Silverlight) The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a malicious webpage that embeds TrueType font files.

 

MS12-035:(Net Framework) The vulnerabilities could allow remote code execution on a client system if a user views a specially crafted webpage using a web browser that can run XAML Browser Applications (XBAPs).

 

IMPORTANT

 

MS12-030:(Office) The vulnerabilities could allow remote code execution if a user opens a specially crafted Office file.

 

MS12-031:(Office Visio) The vulnerability could allow remote code execution if a user opens a specially crafted Visio file.

 

MS12-032:(Windows) The more severe of these vulnerabilities could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application.

 

MS12-033:(Windows) The vulnerability could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application.

 

 

Details and Links

 

MS12-029: Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352)

http://technet.microsoft.com/en-us/security/bulletin/ms12-029

Severity: Critical

KB in Kaseya: KB2598332, KB2596917, KB2596880, KB2665346, KB2665351

Affected Software: Office 2003, 2007; Office 2008, 2011 for Mac; Office Compatability Pack

Known Issues per MS: None

 

MS12-030: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2663830)

http://technet.microsoft.com/en-us/security/bulletin/ms12-030

Severity: Important

KB in Kaseya: KB2553371, KB2597086, KB2597161, KB2597162,KB2597166, KB2596842

Affected Software: Office 2003, 2007, 2010; Office 2008, 2011 for Mac; Excel Viewer, Office Compatability Pack

Known Issues per MS: None

 

MS12-031: Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2597981)

http://technet.microsoft.com/en-us/security/bulletin/ms12-031

Severity: Important

KB in Kaseya: KB2597981

Affected Software: Visio 2010 Viewer

Known Issues per MS: None

 

MS12-032: Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338)

http://technet.microsoft.com/en-us/security/bulletin/ms12-032

Severity: Important

KB in Kaseya: KB2688338

Affected Software: Vista, Server 2008, Server 2008 R2, Windows 7

Known Issues per MS: None

 

MS12-033: Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege (2690533)

http://technet.microsoft.com/en-us/security/bulletin/ms12-033

Severity: Important

KB in Kaseya: KB2690533

Affected Software: Vista, Server 2008, Server 2008 R2, Windows 7

Known Issues per MS: None

 

MS12-034: Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578)

http://technet.microsoft.com/en-us/security/bulletin/ms12-034

Severity: Critical

KB in Kaseya: KB2656405,KB2656407,KB2656409 KB2656410, KB2656411,KB2658846,KB2659262,KB2660649,KB2686509

Affected Software: XP,Vista, Server 2003,Server 2008,Server 2008 R2, Windows 7;Office 2003, 2007; Silverlight 3,4,5

Known Issues per MS: None

 

MS12-035: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777)

http://technet.microsoft.com/en-us/security/bulletin/ms12-035

Severity: Critical

KB in Kaseya: KB2604042,KB2604044,KB2604078,KB2604092,KB2604110,KB2604111,KB2604114,KB2604115,KB2604121

Affected Software: XP, Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7

Known Issues per MS: None

Scroll To Top