Microsoft Security Bulletin Advance Notification for May 2012

[ronjor]

Quote:

Published: Thursday, May 03, 2012

Version: 1.0

This is an advance notification of security bulletins that Microsoft is intending to release on May 8, 2012.

This bulletin advance notification will be replaced with the May bulletin summary on May 8, 2012. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification.

To receive automatic notifications whenever Microsoft Security Bulletins are issued, subscribe to Microsoft Technical Security Notifications.

Microsoft will host a webcast to address customer questions on the security bulletins on May 9, 2012, at 11:00 AM Pacific Time (US & Canada). Register now for the May Security Bulletin Webcast. After this date, this webcast is available on-demand. For more information, see Microsoft Security Bulletin Summaries and Webcasts.

Microsoft also provides information to help customers prioritize monthly security updates with any non-security, high-priority updates that are being released on the same day as the monthly security updates. Please see the section, Other Information

https://technet.microsoft.com/en-us/...letin/ms12-may

[ronjor]

Quote:

Hello,

Today we’re releasing our advance notification for the May security bulletin release, which is scheduled for Tuesday, May 8. This month’s release includes 7 bulletins addressing 23 vulnerabilities in Microsoft Windows, Office, Silverlight, and .NET Framework. All 7 bulletins will be released on Tuesday, May 8 at approximately 10 a.m. PDT. Revisit this blog on Tuesday for our official risk and impact analysis, along with deployment guidance and a video overview of the release.

As always, we recommend that customers review the ANS summary page for more information and prepare for the testing and deployment of these bulletins as soon as possible.

https://blogs.technet.com/b/msrc/arc...edirected=true

[MikeBCda]

Looks like another relatively quiet month for XP, especially if you don't have Office, Silverlight, or NET.

[ronjor]

Quote:

Microsoft Security Bulletin Summary for May 2012

Published: Tuesday, May 08, 2012

Version: 1.0

This bulletin summary lists security bulletins released for May 2012.

With the release of the security bulletins for May 2012, this bulletin summary replaces the bulletin advance notification originally issued May 3, 2012. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification.

For information about how to receive automatic notifications whenever Microsoft security bulletins are issued, visit Microsoft Technical Security Notifications.

Microsoft is hosting a webcast to address customer questions on these bulletins on May 9, 2012, at 11:00 AM Pacific Time (US & Canada). Register now for the May Security Bulletin Webcast. After this date, this webcast is available on-demand. For more information, see Microsoft Security Bulletin Summaries and Webcasts.

Microsoft also provides information to help customers prioritize monthly security updates with any non-security updates that are being released on the same day as the monthly security updates. Please see the section, Other Information.

https://technet.microsoft.com/en-us/...letin/ms12-may

See Executive Summaries within the bulletin

[ronjor]

Quote:

Bulletin Management Process and the May 2012 Bulletins

For Update Tuesday we’re releasing seven security bulletins – three Critical-class and four Important – addressing 23 issues in Microsoft Windows, Office, Silverlight, and the .NET Framework. Customers should plan to install all of these updates as soon as possible. For those who must prioritize deployment, we recommend focusing on the following two critical updates first:

MS12-034 (Microsoft Office, Windows, .NET Framework, and Silverlight): This security update addresses 10 issues affecting a cross section from Microsoft Windows , Office, Silverlight, and the Microsoft .NET Framework. The maximum severity for these issues is Critical and could result in remote code execution. To ensure protection all updates from this bulletin must be applied. We recommend that customers read through the bulletin information concerning MS12-034 and apply it as soon as possible.

MS12-029 (Microsoft Word): This security update addresses one Critical issue affecting Microsoft Office that could result in remote code execution. Attack vectors for this issue include maliciously crafted websites and email. We recommend that customers read through the bulletin information concerning MS12-029 and apply it as soon as possible.

https://blogs.technet.com/b/msrc/?Redirected=true

[FanJ]

Thanks Ron and Nick

[siljaline]

All patched here - was not happy having to accept four .Net patches but since they are improtant I did install them.

Thanks for keeping us up to speed.

[Wallaby]

Quote:

Originally Posted by siljaline

having to accept four .Net patches

Maybe a little OT, but why .NET updates take so long to install?

[siljaline]

Are we speaking of Windows XP or Windows 7 ? If your machine is perhaps a bit hard drive space challenged or memory challenged installation of .Net packages can take some time.
I would not be too concerned unless the packages will not install correctly.

[Wallaby]

Thanks for your reply (as usual)
On my (small) XP netbook, this 90 MB/11 "items" Microsoft Update took about 40 minutes to complete

[siljaline]

Glad to be of assistance.

• Hint • but don't tell anyone else - you can selectively install certain updates if you are aware they will be time consuming as is the case with .Net installations.

This is generally not recommended but can be done without any ill effect on your PC. Ensure that all items Windows Update offers are installed in due haste.

Quote:

Originally Posted by Wallaby

Thanks for your reply (as usual)
On my (small) XP netbook, this 90 MB/11 "items" Microsoft Update took about 40 minutes to complete

[Wallaby]

Quote:

Originally Posted by siljaline

Glad to be of assistance.

• Hint • but don't tell anyone else - you can selectively install certain updates if you are aware they will be time consuming as is the case with .Net installations.

Nah... my philosophy is to install everything contained in Microsoft update

[kupo]

Quote:

Originally Posted by Wallaby

Maybe a little OT, but why .NET updates take so long to install?

I noticed that as well.

Quote:

Originally Posted by Wallaby

Nah... my philosophy is to install everything contained in Microsoft update

Same here . Except for really little things like Bing Desktop

[MessageBoxA]

Quote:

Originally Posted by Wallaby

Maybe a little OT, but why .NET updates take so long to install?

It takes a little longer to install the .NET packages because the .NET assemblies are not native binary code. When you install the .NET framework and/or updates a tool called NGEN.exe is executed and compiles the .NET assembles into native code specially tuned for your system and stores them into the 'native image cache'. Compiling the code takes a little time.

Best Wishes,
-MessageBoxA

[Dermot7]

Quote:

Originally Posted by MessageBoxA

It takes a little longer to install the .NET packages because the .NET assemblies are not native binary code. When you install the .NET framework and/or updates a tool called NGEN.exe is executed and compiles the .NET assembles into native code specially tuned for your system and stores them into the 'native image cache'. Compiling the code takes a little time.

Best Wishes,
-MessageBoxA

Ah, thanks very much for the clear explanation, I've been wondering this myself for quite some time

[Wallaby]

Quote:

Originally Posted by MessageBoxA

It takes a little longer to install the .NET packages because the .NET assemblies are not native binary code. When you install the .NET framework and/or updates a tool called NGEN.exe is executed and compiles the .NET assembles into native code specially tuned for your system and stores them into the 'native image cache'. Compiling the code takes a little time.

Best Wishes,
-MessageBoxA

Thanks a lot for the explanation
Now it is more clear