3 replies to this topic

[AplusWebMaster]

FYI...

- https://technet.micr...lletin/ms12-sep
Sep 11, 2012 - "This bulletin summary lists security bulletins released for September 2012...
(Total of -2-)

Microsoft Security Bulletin MS12-061 - Important
Vulnerability in Visual Studio Team Foundation Server Could Allow Elevation of Privilege (2719584)
- https://technet.micr...lletin/ms12-061
Important - Elevation of Privilege - No restart required - Microsoft Developer Tools

Microsoft Security Bulletin MS12-062 - Important
Vulnerability in System Center Configuration Manager Could Allow Elevation of Privilege (2741528)
- https://technet.micr...lletin/ms12-062
Important - Elevation of Privilege - No restart required - Microsoft Server Software

Bulletin Deployment priority
- https://blogs.techne...loyment-Pri.png

Severity and exploitability index
- https://blogs.techne...600_E-Index.png
___

- https://secunia.com/advisories/50463/ - MS12-061
- https://secunia.com/advisories/50497/ - MS12-062
___

Microsoft Security Advisory (2736233)
Update Rollup for ActiveX Kill Bits
- https://technet.micr...dvisory/2736233
Sep 11, 2012 - "... Third-Party Kill Bits: This update includes kill bits to prevent the following ActiveX controls from being run in Internet Explorer:
Cisco Secure Desktop...
Cisco Hostscan...
Cisco AnyConnect Secure Mobility Client..."
___

MSRT
- http://support.micro...om/?kbid=890830
September 11, 2012 - Revision: 110.0
- http://www.microsoft...e-families.aspx
"... added in this release...
• Medfos ..."

- https://blogs.techne...Redirected=true

Download:
- http://www.microsoft...i...ng=en&id=16
File Name: Windows-KB890830-V4.12.exe - 16.1 MB
- https://www.microsof...ls.aspx?id=9905
x64 version of MSRT:
File Name: Windows-KB890830-x64-V4.12.exe - 16.7 MB
___

ISC Analysis
- https://isc.sans.edu...l?storyid=14071
Last Updated: 2012-09-11

.

Edited by AplusWebMaster, 12 September 2012 - 03:19 AM.

[AplusWebMaster]

FYI...

IE Fix it available - Security Update scheduled for Friday
- https://blogs.techne...Redirected=true
19 Sep 2012 - "... today we have released a Fix it* that is available to address that issue. This is an easy, one-click solution that will help protect your computer right away. It will not affect your ability to browse the web, and it does not require a reboot of your computer. Then, on this Friday, Sept. 21, we will release a cumulative update for Internet Explorer through Windows Update and our other standard distribution channels. We recommend that you install this update as soon as it is available... This will not only reinforce the issue that the Fix It addressed, but cover other issues as well. Today’s Advance Notification Service** (ANS) provides additional details about the update we are releasing on Friday - MS12-063. We are planning to release this bulletin as close to 10 a.m. PDT as possible. This cumulative update for Internet Explorer has an aggregate severity rating of Critical. It addresses the publicly disclosed issue described in Security Advisory 2757760 as well as four other Critical-class remote code execution issues..."
* http://support.micro...7760#FixItForMe

** http://technet.micro...lletin/ms12-sep
Sep 19, 2012 - Version: 2.0
Bulletin 1 - Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

[AplusWebMaster]

FYI...

> https://technet.micr...lletin/ms12-sep
V2.0 (Sep 21, 2012): Added Microsoft Security Bulletin MS12-063, Cumulative Security Update for Internet Explorer (2744842)... out-of-band security bulletin.

Microsoft Security Bulletin MS12-063 - Critical
Cumulative Security Update for Internet Explorer (2744842)
- https://technet.micr...lletin/ms12-063
Sep 21, 2012 - Internet Explorer 6, 7, 8, 9.
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
- http://web.nvd.nist....d=CVE-2012-1529 - 9.3 (HIGH)
- http://web.nvd.nist....d=CVE-2012-2546 - 9.3 (HIGH)
- http://web.nvd.nist....d=CVE-2012-2548 - 9.3 (HIGH)
- http://web.nvd.nist....d=CVE-2012-2557 - 9.3 (HIGH)
- http://web.nvd.nist....d=CVE-2012-4969 - 9.3 (HIGH)

> https://update.microsoft.com/

Edited by AplusWebMaster, 24 September 2012 - 03:43 PM.

[AplusWebMaster]

FYI...

MS KB 2732059 - .oxps files ...
You cannot open an .oxps file in Windows 7 or in Windows Server 2008 R2
- http://support.micro....com/kb/2732059
Last Review: September 26, 2012 - Revision: 2.0
"This issue occurs because Windows 7 and Windows Server 2008 R2 do not support the .oxps format. The supported XPS document format in Windows 7 and in Windows Server 2008 R2 is .xps... This update is available from the following Microsoft Update website:
https://update.microsoft.com
Applies to: Win7, Windows Server 2008 ..."