No replies to this topic

[AplusWebMaster]

FYI...

- https://technet.micr...lletin/ms12-jan
January 10, 2012 - "This bulletin summary lists security bulletins released for January 2012...
(Total of -7-)

Microsoft Security Bulletin MS12-004 - Critical
Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391)
- https://technet.micr...lletin/ms12-004
Critical - Remote Code Execution - Requires restart- Microsoft Windows

Microsoft Security Bulletin MS12-001 - Important
Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615)
- https://technet.micr...lletin/ms12-001
Important - Security Feature Bypass - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS12-002 - Important
Vulnerability in Windows Object Packager Could Allow Remote Code Execution (2603381)
- https://technet.micr...lletin/ms12-002
Important - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS12-003 - Important
Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2646524)
- https://technet.micr...lletin/ms12-003
Important - Elevation of Privilege - Requires restart- Microsoft Windows

Microsoft Security Bulletin MS12-005 - Important
Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2584146)
- https://technet.micr...lletin/ms12-005
Important - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS12-006 - Important
Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)
- https://technet.micr...lletin/ms12-006
Important - Information Disclosure - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS12-007 - Important
Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664)
- https://technet.micr...lletin/ms12-007
Important - Information Disclosure - May require restart - Microsoft Developer Tools and Software
___

ISC Analysis
- https://isc.sans.edu...l?storyid=12361
Last Updated: 2012-01-10 18:38:36 UTC
___

Deployment Priority
- https://blogs.techne...00_Priority.PNG

Severity and Exploitability Index
- https://blogs.techne...and_5F00_XI.PNG

- https://blogs.techne...Redirected=true
___

- https://secunia.com/advisories/47356/ - MS12-001
- https://secunia.com/advisories/45189/ - MS12-002
- https://secunia.com/advisories/47479/ - MS12-003
- https://secunia.com/advisories/47485/ - MS12-004
- https://secunia.com/advisories/47480/ - MS12-005
- https://secunia.com/advisories/46168/ - MS12-006
- https://secunia.com/advisories/47483/ - MS12-007
- https://secunia.com/advisories/47516/ - MS12-007

- http://www.securityt....com/id/1026498 - MS12-006
___

MSRT
- http://support.micro...om/?kbid=890830
January 10, 2012 - Revision: 97.1
(Recent additions)
- http://www.microsoft...e-families.aspx
... added this release...
• Sefnit*

Download:
- http://www.microsoft...i...ng=en&id=16
File Name: windows-kb890830-v4.4.exe - 13.8 MB
- https://www.microsof...ls.aspx?id=9905
x64 version of MSRT:
File Name: windows-kb890830-x64-v4.4.exe - 14.2 MB

* https://blogs.techne...Redirected=true
10 Jan 2012 - "... Sefnit... often installed by different exploit kits including such as "Blackhole" (detected as Blacole), or distributed on file sharing networks with enticing "keygen" or "crack" styled file names..."

.

Edited by AplusWebMaster, 11 January 2012 - 06:45 AM.