Virtual Administrator’s November 2012 Patch Recommendations

6 Security Bulletins were released – 4 Critical, 1 Important, and 1 Moderate

We have not uncovered any widespread problems with any of these patches and are releasing all of them.

Noteworthy Patch News

Critical update MS12-071 for Internet Explorer is the top priority this month. However the problem only affects IE 9 so the actual percentage of vulnerable machines may not be that great. The 3 other critical updates (MS12-072, MS12-074, MS12-075) affect all Microsoft operating systems. Expect all of your machines to require a reboot after this month’s patches are applied.

No out-of-band updates were released during the last month.

This Month In Brief

Exploitability

Requires Restart

  • Servers: Yes
  • Workstations: Yes

New Security Bulletins

(MS#/Affected Software/Type)

CRITICAL

MS12-071 (Internet Explorer) The vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
Details
KB in Kaseya: KB2761451
Affected Software: Vista, Server 2008, Server 2008 R2, Windows 7
Known Issues per MS: None
MS12-072 (Windows Shell) The vulnerabilities could allow remote code execution if a user browses to a specially crafted briefcase in Windows Explorer.
Details
KB in Kaseya: KB2727528
Affected Software: XP, Vista, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows 7, Windows 8
Known Issues per MS: None
MS12-074 (.Net Framework) The most severe of these vulnerabilities could allow remote code execution if an attacker convinces the user of a target system to use a malicious proxy auto configuration file and then injects code into the currently running application.
Details
KB in Kaseya: KB2698023, KB2698032, KB2698035, KB2729449, KB2729450, KB2729451, KB2729452, KB2729453, KB2729460, KB2729462, KB2737019, KB2737083, KB2737084, KB2756872
Affected Software: XP, Vista, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows 7, Windows 8
Known Issues per MS: None
MS12-075 (Windows Kernel-Mode Drivers) The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a malicious webpage that embeds TrueType font files.
Details
KB in Kaseya: KB2761226
Affected Software: XP, Vista, Server 2003, Server 2008, Server 2008 R2, Server 2012, Windows 7, Windows 8
Known Issues per MS: None

IMPORTANT

MS12-076 (Office Excel) The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file with an affected version of Microsoft Excel.
Details
KB in Kaseya: KB2597126, KB2687481, KB2687307, KB2687311, KB2687313
Affected Software: Office (2003, 2007, 2010), Office (2008, 2011) for Mac,Excel Viewer,Office Compatibility Pack
Known Issues per MS: None

MODERATE

MS12-073 (Internet Information Services) The more severe vulnerability could allow information disclosure if an attacker sends specially crafted FTP commands to the server.
Details
KB in Kaseya: KB2716513, KB2719033
Affected Software: Vista, Server 2008, Server 2008 R2, Windows 7
Known Issues per MS: None