Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93105 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

MS Security Bulletin Summary - May 2012


  • Please log in to reply
2 replies to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 08 May 2012 - 12:56 PM

FYI...

- https://technet.micr...lletin/ms12-may
May 08, 2012 - "This bulletin summary lists security bulletins released for May 2012...
(Total of -7-)

Critical -3-

Microsoft Security Bulletin MS12-029 - Critical
Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352)
- https://technet.micr...lletin/MS12-029
Critical - Remote Code Execution - May require restart - Microsoft Office

Microsoft Security Bulletin MS12-034 - Critical
Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578)
- https://technet.micr...lletin/ms12-034
Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft .NET Framework, Microsoft Silverlight, Microsoft Office

Microsoft Security Bulletin MS12-035 - Critical
Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777)
- https://technet.micr...lletin/ms12-035
Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft .NET Framework

Important -4-

Microsoft Security Bulletin MS12-030 - Important
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2663830)
- https://technet.micr...lletin/ms12-030
Important - Remote Code Execution - May require restart - Microsoft Office

Microsoft Security Bulletin MS12-031 - Important
Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2597981)
- https://technet.micr...lletin/MS12-031
Important - Remote Code Execution - May require restart - Microsoft Office

Microsoft Security Bulletin MS12-032 - Important
Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338)
- https://technet.micr...lletin/ms12-032
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS12-033 - Important
Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege (2690533)
- https://technet.micr...lletin/ms12-033
Important - Elevation of Privilege - Requires restart - Microsoft Windows
___

- https://blogs.techne...Redirected=true

Bulletin Deployment Priority
- https://blogs.techne..._5F00_Slide.PNG

Severity and Exploitability Index
- https://blogs.techne..._5F00_Slide.PNG
___

ISC Analysis
- https://isc.sans.edu...l?storyid=13159
Last Updated: 2012-05-08 18:06:14 UTC

- http://blogs.iss.net...FT_Super_T.html
• MS12-034: Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight...
-Ten- vulnerabilities are addressed in this update, three of which are listed as publicly disclosed. The updates touch many parts of the operating system...
• MS12-035: Vulnerabilities in .NET Framework Could Allow Remote Code Execution
Two more vulnerabilities in .NET are addressed... These are separate vulnerabilities, but each involve problems in code responsible for serializing/deserializing data from/into an object. Exploitation via specially crafted .NET code can result in arbitrary code execution...
• MS12-029: Vulnerability in Microsoft Word Could Allow Remote Code Execution
A single vulnerability in Microsoft Office's RTF parser is addressed... This vulnerability can be exploited for remote code execution... The RTF parser is shared among Office components so vulnerabilities in the parser can be exploited via an email in Outlook rendered as RTF as well as document attachments.
___

- https://secunia.com/advisories/49111/ - MS12-029
- https://secunia.com/advisories/49112/ - MS12-030
- https://secunia.com/advisories/49113/ - MS12-031
- https://secunia.com/advisories/49114/ - MS12-032
- https://secunia.com/advisories/49115/ - MS12-033
- https://secunia.com/advisories/49119/ - MS12-034
- https://secunia.com/advisories/49120/ - MS12-034
- https://secunia.com/advisories/49121/ - MS12-034
- https://secunia.com/advisories/49122/ - MS12-034
- https://secunia.com/advisories/49117/ - MS12-035

- http://www.securityt....com/id/1027035 - MS12-029
- http://www.securityt....com/id/1027041 - MS12-030
- http://www.securityt....com/id/1027042 - MS12-031
- http://www.securityt....com/id/1027044 - MS12-032
- http://www.securityt....com/id/1027043 - MS12-033
- http://www.securityt....com/id/1027038 - MS12-034
- http://www.securityt....com/id/1027039 - MS12-034
- http://www.securityt....com/id/1027040 - MS12-034
- http://www.securityt....com/id/1027048 - MS12-034
- http://www.securityt....com/id/1027035 - MS12-035
___

MSRT
- http://support.micro...om/?kbid=890830
May 8, 2012 - Revision: 102.0
(Recent additions)
- http://www.microsoft...e-families.aspx
... added this release...
• Dishigy
• Unruy

Download:
- http://www.microsoft...i...ng=en&id=16
File Name: Windows-KB890830-V4.8.exe - 15.4 MB
- https://www.microsof...ls.aspx?id=9905
x64 version of MSRT:
File Name: Windows-KB890830-x64-V4.8.exe - 16.0 MB

.

Edited by AplusWebMaster, 22 May 2012 - 06:34 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

    Advertisements

Register to Remove


#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 11 May 2012 - 02:57 PM

FYI...

MS12-034 buggy...

- http://support.micro....com/kb/2686509
Article ID: 2686509 - Last Review: May 16, 2012 - Revision: 3.0

Maurice N - MS MVP 2002-2010 - AumHa moderator & VSOP - DTS-L - malwarebytes.org forum moderator
- http://answers.micro...a4-793d01b483db
May 9, 2012 - "... Open Internet Explorer (only!) to
- http://support.microsoft.com/kb/923737 [ignore any DOES NOT APPLY warnings as well as the APPLIES TO section] & run the Fix It.
Note=> For optimal results, check the Delete personal settings option.
1a. Open Internet Explorer (only!) to
- http://support.microsoft.com/kb/910336 [ignore the title & Symptoms].
1b. Dismiss/close the "automated troubleshooter" pop-up! - then...
1c. Ignoring any "Not recommended" or similar warnings, run Fix It 50202 in DEFAULT mode (if on a later run you still have the same failure, then repeat the above steps & then select the Agressive mode).
2. Reboot & then run a manual check for updates at Windows Update, etc., etc...
When you reach Windows Update, do a Custom scan for updates. Take (accept) the ones marked Critical or Important.
Decline any that are marked as "optional".
Have infinite patience while it scans and does it's work.
When it prompts you to Restart Windows, please do that. Allow it to restart.
Visit Windows Update via Start >> All Programs >> Windows Update
or Internet Explorer >> Tools >> Windows Update "

-or-

MS12-034: KB2686509 - Failure - due to remapping of a key
- https://social.techn...g-of-a-key.aspx

-or-

Problem with MS12-034 / KB 2676562 patch
- http://www.askwoody....-2676562-patch/
May 9, 2012

:( :pullhair:

Edited by AplusWebMaster, 19 May 2012 - 06:09 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#3 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 23 May 2012 - 05:51 AM

FYI...

Windows XP in update loop
- http://h-online.com/-1582649
23 May 2012 - "Users of Windows XP are reporting more problems with recent automatic updates. Three security updates for .NET Framework 2.0 and 3.5 are at the centre of the problem, labelled as patches KB2518664, KB2572073 and KB2633880 in Windows XP's automatic update feature.
On affected systems, the installation of these patches proceeds without error but after a short time, the update service says it would like to install them again and will keep reinstalling the patches if allowed. Microsoft's general advice in this situation is to reset Windows Update components*, though it has yet to offer any specific advice. It is interesting to note that the three patches in question were -not- released on Microsoft's official patch day."
* http://support.microsoft.com/kb/910339
Last Review: May 18, 2012 - Revision: 14.1

MS11-044: http://support.micro....com/kb/2518864
Last Review: May 15, 2012 - Revision: 3.1
MS11-078: http://support.micro....com/kb/2572073
Last Review: October 11, 2011 - Revision: 1.1
MS12-016: http://support.micro....com/kb/2633880
Last Review: February 14, 2012 - Revision: 1.0
___

- http://msmvps.com/bl...oft-update.aspx
"... Now fixed, and the Microsoft securty bulletin alert indicates that some of these updates got a detection change..."

- https://technet.micr...lletin/ms12-035
• V2.1 (May 22, 2012): Added entry to the update FAQ to announce a detection change for KB2604092 for Microsoft .NET Framework 2.0 Service Pack 2 and KB2604110 for Microsoft .NET Framework 3.0 Service Pack 2 to correct an installation issue...

:ph34r: :scratch:

Edited by AplusWebMaster, 25 May 2012 - 11:36 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users