PDA

View Full Version : Microsoft Security Bulletin(s) For July 10, 2012


hayc59
07-11-12, 07:29 PM
Microsoft Security Bulletin(s) for July 10, 2012
Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

http://technet.microsoft.com/en-us/security/bulletin/ms12-jul

Critical (3)

Microsoft Security Bulletin MS12-043 - Critical
Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2722479)
Published: Tuesday, July 10, 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-043

Microsoft Security Bulletin MS12-044 - Critical
Cumulative Security Update for Internet Explorer (2719177)
Published: Tuesday, July 10, 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-044

Microsoft Security Bulletin MS12-045 - Critical
Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (2698365)
Published: Tuesday, July 10, 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-045

Important (6)

Microsoft Security Bulletin MS12-046 - Important
Vulnerability in Visual Basic for Applications Could Allow Remote Code Execution (2707960)
Published: Tuesday, July 10, 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-046

Microsoft Security Bulletin MS12-047 - Important
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2718523)
Published: Tuesday, July 10, 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-047

Microsoft Security Bulletin MS12-048 - Important
Vulnerability in Windows Shell Could Allow Remote Code Execution (2691442)
Published: Tuesday, July 10, 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-048

Microsoft Security Bulletin MS12-049 - Important
Vulnerability in TLS Could Allow Information Disclosure (2655992)
Published: Tuesday, July 10, 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-049

Microsoft Security Bulletin MS12-050 - Important
Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2695502)
Published: Tuesday, July 10, 2012 | Updated: Tuesday, July 10, 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-050

Microsoft Security Bulletin MS12-051 - Important
Vulnerability in Microsoft Office for Mac Could Allow Elevation of Privilege (2721015)
Published: Tuesday, July 10, 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-051


Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should Contact
Microsoft Customer Service and Support
•To contact Microsoft Customer Service and Support, telephone (800) MICROSOFT (642-7676).
•In Canada, call (877)568-2495.
•Microsoft Customer Service hours of operation:◦Monday through Friday, 5:00 AM - 9:00 PM Pacific Time
◦Saturday and Sunday, 6:00 AM – 3:00 PM Pacific Time

You can also contact Microsoft Support by email and chat, visit the following Microsoft Website for details:
http://support.microsoft.com/contactus

As always, download the updates only from the vendors website - visit Windows Update (http://www.windowsupdate.com/) and Office Update (http://office.microsoft.com/OfficeUpdate/) or Microsoft Update (http://update.microsoft.com/microsoftupdate) websites. You may also get the updates thru Automatic Updates (http://www.microsoft.com/athome/security/update/bulletins/automaticupdates.mspx) functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA (http://www.microsoft.com/technet/security/tools/mbsahome.mspx).
hayc59
07-11-12, 07:31 PM
********************************************************************
Title: Microsoft Security Bulletin Minor Revisions
Issued: July 10, 2012
********************************************************************

Summary
=======
The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.


* MS11-044 - Critical
* MS11-078 - Critical
* MS11-100 - Critical
* MS12-016 - Critical
* MS12-035 - Critical
* MS12-036 - Critical
* MS12-050 - Important
* MS12-JUL



Bulletin Information:
=====================

* MS11-044 - Critical

- http://technet.microsoft.com/security/bulletin/ms11-044
- Reason for Revision: V1.3 (July 10, 2012): Microsoft revised
this bulletin to communicate a minor detection change for
KB2518864 for Microsoft .NET Framework 2.0 Service Pack 2 and
Microsoft .NET Framework 3.5 Service Pack 1 to correct an
offering issue. There were no changes to the security update
files. Customers who have already successfully updated their
systems do not need to take any action.
- Originally posted: June 14, 2011
- Updated: July 10, 2012
- Bulletin Severity Rating: Critical
- Version: 1.3

* MS11-078 - Critical

- http://technet.microsoft.com/security/bulletin/ms11-078
- Reason for Revision: V1.3 (July 10, 2012): Microsoft revised
this bulletin to communicate a minor detection change for
KB2572073 for Microsoft .NET Framework 2.0 Service Pack 2 to
correct an offering issue. There were no changes to the security
update files. Customers who have already successfully updated
their systems do not need to take any action.
- Originally posted: October 11, 2011
- Updated: July 10, 2012
- Bulletin Severity Rating: Critical
- Version: 1.3

* MS11-100 - Critical

- http://technet.microsoft.com/security/bulletin/ms11-100
- Reason for Revision: V1.6 (July 10, 2012): Microsoft revised
this bulletin to communicate a minor detection change for
KB2657424 for Microsoft .NET Framework 3.5 Service Pack 1 to
correct an offering issue. There were no changes to the security
update files. Customers who have already successfully updated
their systems do not need to take any action.
- Originally posted: December 29, 2011
- Updated: Tuesday, July 10, 2012
- Bulletin Severity Rating: Critical
- Version: 1.6

* MS12-016 - Critical

- http://technet.microsoft.com/security/bulletin/ms12-016
- Reason for Revision: V1.3 (July 10, 2012): Microsoft revised
this bulletin to communicate a minor detection change for
KB2633880 for Microsoft .NET Framework 2.0 Service Pack 2 to
correct an offering issue. There were no changes to the security
update files. Customers who have already successfully updated
their systems do not need to take any action.
- Originally posted: February 14, 2012
- Updated: July 10, 2012
- Bulletin Severity Rating: Critical
- Version: 1.3

* MS12-035 - Critical

- http://technet.microsoft.com/security/bulletin/ms12-035
- Reason for Revision: V2.2 (July 10, 2012): Microsoft revised
this bulletin to communicate a minor detection change for
KB2604111 for Microsoft .NET Framework 3.5 Service Pack 1 to
correct an offering issue. There were no changes to the security
update files. Customers who have already successfully updated
their systems do not need to take any action.
- Originally posted: May 08, 2012
- Updated: Tuesday, July 10, 2012
- Bulletin Severity Rating: Critical
- Version: 2.2

* MS12-036 - Critical

- http://technet.microsoft.com/security/bulletin/ms12-036
- Reason for Revision: V1.2 (July 10, 2012): Removed MS11-065 as
a bulletin replaced by the KB2685939 update for Windows XP
Service Pack 3, Windows XP Professional x64 Edition Service
Pack 2, Windows Server 2003 Service Pack 2, Windows Server
2003 x64 Edition Service Pack 2, and Windows Server 2003
with SP2 for Itanium-based Systems. This is an informational
change only. There were no changes to the detection logic or
the update files.
- Originally posted: June 12, 2012
- Updated: July 10, 2012
- Bulletin Severity Rating: Critical
- Version: 1.2

* MS12-050 - Important

- http://technet.microsoft.com/security/bulletin/ms12-050
- Reason for Revision: V1.1 (July 10, 2012): Downgraded the
severity rating for the SharePoint Search Scope Vulnerability,
CVE-2012-1860, from Important to Moderate for all affected
software. This is an informational change only.
- Originally posted: July 10, 2012
- Updated: July 10, 2012
- Bulletin Severity Rating: Important
- Version: 1.1

* MS12-JUL

- http://technet.microsoft.com/security/bulletin/ms12-JUL
- Reason for Revision: V1.1 (July 10, 2012): Removed
CVE-2012-1860 from the Exploitability Index because the
vulnerability has a Moderate severity rating. Only
vulnerabilities that have a severity rating of Critical or
Important in the bulletins are included in the
Exploitability Index.
- Originally posted: July 10, 2012
- Updated: July 10, 2012
- Version: 1.1