Virtual Administrator’s October 2012 Patch Recommendations

7 Security Bulletins were released – 1 Critical and 6 Important

We have not uncovered any widespread problems with any of these patches and are releasing all of them.

MS12-064 is the top priority this month. After your next patch cycle completes, follow up and make sure it is installed. MS12-066 and MS12-067 are publicly disclosed, and MS12-066 is already being exploited.

One out-of-band update was released during the last month, on 9/21/12. We previously blogged about this, but make sure that MS12-063 – Cumulative Security Update for Internet Explorer is applied to your machines.

Noteworthy Patch News

nothing

This Month In Brief

Exploitability

Requires Restart

  • Servers: Yes
  • Workstations: Yes

Known Issues per Microsoft

  • MS12-064 – check notes
  • MS12-066 – check notes
  • MS12-070 – check notes

New Security Bulletins

(MS#/Affected Software/Type)

CRITICAL

MS12-064: (Office Word) This security update resolves two privately reported vulnerabilities in Microsoft Office. The more severe vulnerability could allow remote code execution if a user opens or previews a specially crafted RTF file.
Details
KB in Kaseya: KB2553488, KB2687314, KB2687315, KB2687483
Affected Software: 2003, Office 2007, Word Viewer, Office Compatibility Pack, Office 2010, Office Web Apps 2010, SharePoint Server 2010
Known Issues per MS: http://support.microsoft.com/kb/2742319

IMPORTANT

MS12-065: (Works Converters) The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Word file using Microsoft Works.
Details
KB in Kaseya: KB2754670
Affected Software: Works 9
Known Issues per MS: None

MS12-066: (Microsoft Office, Communications Platforms, Server software, and Office Web Apps) The vulnerability could allow elevation of privilege if an attacker sends specially crafted content to a user.
Details
KB in Kaseya: KB2726382, KB2687405, KB2687417, KB2687436, KB2687439, KB2687440, KB2687442, KB2726391
Affected Software: SharePoint Services 3.0, SharePoint Foundation 2010, SharePoint Server 2007, Groove Server 2010, Web Apps SharePoint Server 2010, Lync 2010, Communicator 2007 R2, InfoPath 2007 and 2010
Known Issues per MS: http://support.microsoft.com/kb/2741517

MS12-067: (Fast Search Server) The vulnerability could allow remote code execution if a user opens a specially crafted file or embeds a specially crafted Computer Graphics Metafile (CGM) graphics file into an Office file.
Details
KB in Kaseya: KB2742321
Affected Software: Fast Search Server 2010
Known Issues per MS: None

MS12-068: (Windows) The vulnerability could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application.
Details
KB in Kaseya: KB2724197
Affected Software: XP, Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7
Known Issues per MS: None

MS12-069: (Kerberos) The vulnerability could allow denial of service if a remote attacker sends a specially crafted session request to the Kerberos server. 
Details
KB in Kaseya: KB2743555
Affected Software: Server 2008 R2, Windows 7
Known Issues per MS: None

MS12-070: (SQL Server Report Manager) The vulnerability is a cross-site-scripting (XSS) vulnerability that could allow elevation of privilege, enabling an attacker to execute arbitrary commands on the SSRS site in the context of the targeted user.
Details
KB in Kaseya: KB2716427, KB2716429, KB2716434, KB2716436, KB2716440, KB2716442
Affected Software: SQL Server 2000, 2005, 2008, 2008 R2, 2012
Known Issues per MS: http://support.microsoft.com/kb/2754849