MS Security Bulletin Summary - April 2012


4 replies to this topic

#1 AplusWebMaster

  • Authentic Member
  • 8,975 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 10 April 2012 - 12:35 PM

FYI...

- http://technet.micro...lletin/ms12-apr
April 10, 2012 - "This bulletin summary lists security bulletins released for April 2012...
(Total of -6-)

Critical -4-

Microsoft Security Bulletin MS12-023 - Critical
Cumulative Security Update for Internet Explorer (2675157)
- http://technet.micro...lletin/ms12-023
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS12-024 - Critical
Vulnerability in Windows Could Allow Remote Code Execution (2653956)
- http://technet.micro...lletin/ms12-024
Critical - Remote Code Execution - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS12-025 - Critical
Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605)
- http://technet.micro...lletin/ms12-025
Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft .NET Framework

Microsoft Security Bulletin MS12-027 - Critical
Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)
- http://technet.micro...lletin/ms12-027
Critical - Remote Code Execution - May require restart - Microsoft Office, Microsoft SQL Server, Microsoft Server Software, Microsoft Developer Tools

Important -2-

Microsoft Security Bulletin MS12-026 - Important
Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)
- http://technet.micro...lletin/ms12-026
Important - Information Disclosure - May require restart - Microsoft Forefront Unified Access Gateway

Microsoft Security Bulletin MS12-028 - Important
Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185)
- http://technet.micro...lletin/ms12-028
Important - Remote Code Execution - May require restart - Microsoft Office
___

- https://blogs.techne...Redirected=true
10 Apr 2012 - "... These bulletins will increase protection by addressing 11 CVEs. Customers should plan to install all of these updates as soon as possible. For those who must prioritize deployment, we recommend focusing first on these Critical updates:
• MS12-027 (Windows Common Controls)...
• MS12-023 (Internet Explorer)..."

Bulletin Deployment Priority
- https://blogs.techne...p_5F00_Prio.png

Severity and Exploitability Index
- https://blogs.techne...Sev_5F00_XI.png
___

ISC Analysis
- https://isc.sans.edu...l?storyid=12949
Last Updated: 2012-04-10 18:08:35 UTC
___

- https://secunia.com/advisories/48724/ - MS12-023
- https://secunia.com/advisories/48581/ - MS12-024
- https://secunia.com/advisories/48785/ - MS12-025
- https://secunia.com/advisories/48787/ - MS12-026
- https://secunia.com/advisories/48786/ - MS12-027
- https://secunia.com/advisories/48723/ - MS12-028

- http://www.securityt....com/id/1026901 - MS12-023
- http://www.securityt....com/id/1026906 - MS12-024
- http://www.securityt....com/id/1026907 - MS12-025
- http://www.securityt....com/id/1026909 - MS12-026
- http://www.securityt....com/id/1026899 - MS12-027
- http://www.securityt....com/id/1026900 - MS12-027
- http://www.securityt....com/id/1026902 - MS12-027
- http://www.securityt....com/id/1026903 - MS12-027
- http://www.securityt....com/id/1026904 - MS12-027
- http://www.securityt....com/id/1026905 - MS12-027
- http://www.securityt....com/id/1026910 - MS12-028
- http://www.securityt....com/id/1026911 - MS12-028
___

MSRT
- http://support.micro...om/?kbid=890830
April 10, 2012 - Revision: 101.0
(Recent additions)
- http://www.microsoft...e-families.aspx
... added this release...
• Bocinex
• Claretore
• Gamarue

- https://blogs.techne...Redirected=true
10 Apr 2012

Download:
- http://www.microsoft...i...ng=en&id=16
File Name: Windows-KB890830-V4.7.exe - 14.9 MB
- https://www.microsof...ls.aspx?id=9905
x64 version of MSRT:
File Name: Windows-KB890830-x64-V4.7.exe - 15.5 MB

.

Edited by AplusWebMaster, 10 April 2012 - 11:53 PM.

This machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#2 AplusWebMaster

Posted 15 April 2012 - 03:13 AM

FYI...

MS12-025 .Net update affects printing ...
- https://isc.sans.edu...l?storyid=12994
Last Updated: 2012-04-15 00:28:11 UTC - "... the most recent Microsoft .Net framework update may have affected printing from some applications. TurboTax* has released an update to address this issue in their software and Microsoft has updated the MS12-025 KB article** to indicate they are aware of the problem..."
* http://turbotax.intu...e/SLN61229.html

** http://support.micro....com/kb/2671605
Last Review: April 14, 2012 - Revision: 2.0
"... Known issues with this security update: • We are currently aware of an issue with printing from a Windows Forms application. After the installation of these security updates, certain Windows Forms applications may not print, or may not honor specified printer settings when they do print. There is no impact on systems that do not use printing functionality from a .NET Framework Windows Forms application. The investigation into this issue is ongoing.
Workaround: To print from an affected Windows Forms application, print the content to a file on your computer instead of directly printing to a printer device. For example, print to a PDF, XPS, or any other supported format file. You can then open the file that you created and print directly from there..."

.NET Framework Parameter Validation Vulnerability
- http://web.nvd.nist....d=CVE-2012-0163 - 9.3 (HIGH)

- https://technet.micr...lletin/ms12-025
V1.1 (April 13, 2012): Added a link to Microsoft Knowledge Base Article 2671605** under Known Issues in the Executive Summary.

:(

Edited by AplusWebMaster, 15 April 2012 - 09:29 AM.



#3 AplusWebMaster

Posted 20 April 2012 - 05:47 AM

FYI...

Fix for an error in custom Office solutions that occurs after you install MS12-027
- http://support.micro...b/2703186/en-us
Last Review: April 19, 2012 - Revision: 2.0 - "After you install the update solution in Office applications that use controls from Mscomctl.ocx, you may receive one or more of the following error messages:
> Object library invalid or contains references to object definitions that could not be found
> Element not found
> Cannot insert object ...
To enable or disable this fixit solution*, click the Fix it button or link under the Enable heading. Click Run in the File Download dialog box, and then follow the steps in the Fix it wizard...
* http://go.microsoft....?linkid=9806938
APPLIES TO:
Microsoft Office Excel 2003
Microsoft Office PowerPoint 2003
Microsoft Office Word 2003
Microsoft Office Excel 2007
Microsoft Office PowerPoint 2007
Microsoft Office Word 2007
Microsoft Excel 2010
Microsoft PowerPoint 2010
Microsoft Word 2010 ..."
___

- https://isc.sans.edu...l?storyid=13063
Apr 26, 2012 - "Packetstorm Security and Metasploit have Exploit code for MS12-027"

- http://www.symantec....eatconlearn.jsp
Apr 20, 2012 - "... MS12-027... Microsoft reports that this vulnerability is being exploited in the wild in specially crafted Office documents in limited, targeted attacks. Customers are advised to install all applicable updates as soon as possible..."

:ph34r:

Edited by AplusWebMaster, 26 April 2012 - 08:46 AM.



#4 AplusWebMaster

Posted 26 April 2012 - 05:59 AM

FYI...

MS SIRv12: Conficker
- http://www.theinquir...bling-microsoft
Apr 26 2012 - "... Microsoft has warned that the Conficker virus is still residing on millions of Windows machines. In its latest Security Intelligence Report, volume 12 (PDF*), the firm said that the worm had raised its head 220 million times in the last two and a half years. It said that it is one of the biggest threats to businesses and continues to be a problem because people insist on using crappy passwords..."

SIRv12: Conficker
- https://blogs.techne...Redirected=true
25 Apr 2012 - "... The nature of how later Conficker variants spread is the key to understanding what makes the worm so much more of an issue for businesses than for consumer users. Initially the worm spread through the Internet solely by exploiting a software vulnerability in the Windows Server service that had been addressed months earlier in Microsoft Security Bulletin MS08-067. About one month later, Conficker was updated to spread using the Autorun feature and weak passwords or stolen login tokens. The use of weak passwords and stolen login tokens was the change that gave it a foothold in the business sector environment...."
> http://www.microsoft...n/MS08-067.mspx

Microsoft Security Intelligence Report volume 12
* http://go.microsoft....?linkid=9807245
PDF

:ph34r: :ph34r:



#5 AplusWebMaster

Posted 27 April 2012 - 04:46 AM

FYI...

Microsoft Security Bulletin MS12-027 - Critical
Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)
- https://technet.micr...lletin/ms12-027
V2.0 (April 26, 2012): Added SP1 versions of SQL Server 2008 R2 to the Affected Software and added an entry to the update FAQ to explain which SQL Server 2000 update to use based on version ranges. These are informational changes only. There were no changes to the security update files or detection logic. For a complete list of changes, see the entry to the section, Frequently Asked Questions (FAQ) Related to This Security Update.

MS12-027
- http://web.nvd.nist....d=CVE-2012-0158 - 9.3 (HIGH)
Last revised: 04/12/2012

CVE-2012-0158 Exploit in the Wild
- https://blogs.mcafee...oit-in-the-wild
April 23, 2012 - "... many specially crafted files exploiting CVE-2012-0158, a vulnerability in MSCOMCTL.OCX in Microsoft Office and some other Microsoft products. This exploit can be implemented in a variety of file formats, including RTF, Word, and Excel files. We have already found crafted RTF and Word files in the wild. In the malicious RTF, a vulnerable OLE file is embedded with \object and \objocx tags... always exercise caution when opening unsolicited emails..."

:ph34r: :ph34r:

Edited by AplusWebMaster, 03 May 2012 - 12:44 AM.


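The McAfee excerpt quoted in post #5 says the crafted RTF files embed an OLE file with `\object` and `\objocx` tags. As an added illustration (not part of the forum posts or any vendor's code), this Python triage sketch lists every `\object` group in an RTF file and flags those marked `\objocx` whose `\objdata` hex decodes to an OLE compound file. The function names and sample documents are constructed for the example, and the brace matching is a simplification of a full RTF parser.

```python
import re

OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")   # OLE compound-file signature
OBJECT_RE = re.compile(rb"\\object(?![a-z])")    # the \object control word only
CTRL_RE = re.compile(rb"\\([a-z]+)")             # any RTF control word name

def group_end(data, start):
    """Return the index just past the '}' closing the group opened at start."""
    depth, i = 0, start
    while i < len(data):
        c = data[i:i + 1]
        if c == b"\\":
            i += 2                 # skip escapes such as \{ \} \\
            continue
        depth += (c == b"{") - (c == b"}")
        if depth == 0:
            return i + 1
        i += 1
    return len(data)               # unbalanced braces: scan to end of file

def scan_rtf(data):
    """List every \\object group with the properties an analyst triages on."""
    findings = []
    for m in OBJECT_RE.finditer(data):
        start = data.rfind(b"{", 0, m.start())   # assumed: nearest '{' opens the group
        if start < 0:
            continue
        body = data[start:group_end(data, start)]
        words = set(CTRL_RE.findall(body))
        payload = b""
        od = body.find(b"\\objdata")
        if od >= 0:
            end = body.find(b"}", od)
            raw = body[od + 8:end if end >= 0 else len(body)]
            digits = re.sub(rb"[^0-9a-fA-F]", b"", raw)   # drop whitespace padding
            payload = bytes.fromhex(digits[:len(digits) // 2 * 2].decode("ascii"))
        findings.append({"offset": m.start(), "objocx": b"objocx" in words,
                         "ole2": OLE2_MAGIC in payload, "payload_len": len(payload)})
    return findings

def needs_review(data):
    """True when an OCX object carries an embedded OLE compound file."""
    return any(f["objocx"] and f["ole2"] for f in scan_rtf(data))

# Constructed, harmless samples (no real control or exploit data).
SAMPLE_OCX = rb"{\rtf1\ansi Report {\object\objocx\objw100\objh100{\*\objdata 0105 0000d0cf11e0 a1b11ae1 00}}}"
SAMPLE_EMB = rb"{\rtf1\ansi Chart {\object\objemb{\*\objdata 01050000 02000000}}}"
SAMPLE_PLAIN = rb"{\rtf1\ansi Hello {\b bold} text}"
```

A hit from `needs_review` means the document deserves analyst attention or sandboxing, not that it is malicious: legitimate documents can also embed ActiveX controls.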

