Microsoft Security Bulletin(s) for April 10, 2012

Discussion in 'other security issues & news' started by NICK ADSL UK, Apr 10, 2012.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK
    Offline

    NICK ADSL UK Administrator

    Microsoft Security Bulletin(s) for April 10, 2012
    Note: There may be latency issues due to replication, if the page does not display keep refreshing

    Today Microsoft released the following Security Bulletin(s).

    Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

    Bulletin Summary:

    http://technet.microsoft.com/en-us/security/bulletin/ms12-apr

    Critical (4)

    Microsoft Security Bulletin MS12-023
    Cumulative Security Update for Internet Explorer (2675157)
    http://technet.microsoft.com/en-us/security/bulletin/ms12-023

    Microsoft Security Bulletin MS12-024
    Vulnerability in Windows Could Allow Remote Code Execution (2653956)
    http://technet.microsoft.com/en-us/security/bulletin/ms12-024

    Microsoft Security Bulletin MS12-025
    Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605)
    http://technet.microsoft.com/en-us/security/bulletin/ms12-025

    Microsoft Security Bulletin MS12-027
    Vulnerability in Windows Common Controls Could Allow Remote Code Execution (266425:cool:
    http://technet.microsoft.com/en-us/security/bulletin/ms12-027



    Important (2)

    Microsoft Security Bulletin MS12-026
    Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)
    http://technet.microsoft.com/en-us/security/bulletin/ms12-026

    Microsoft Security Bulletin MS12-028
    Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185)
    http://technet.microsoft.com/en-us/security/bulletin/ms12-028






    Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

    Security Tool
    Find out if you are missing important Microsoft product updates by using MBSA.
  2. NICK ADSL UK
    Offline

    NICK ADSL UK Administrator

    TechNet Webcast: Information about Microsoft Security Bulletins for April (Level 200)

    Event ID: 1032499650

    Language(s): English.

    Product(s): computer security and information security.


    Audience(s): IT Decision Maker and IT Generalist.

    Join us for a brief overview of the technical details of this month's Microsoft security bulletins. We intend to address your concerns in this webcast. Therefore, Microsoft security experts devote most of this webcast to answering the questions that you ask.

    Starts: Wednesday, April 11, 2012 11:00 AM
    Time zone: (GMT-08:00) Pacific Time (US & Canada)
    Duration: 1 hour(s)



    Presented By:


    Jonathan Ness, Security Development Manager, Microsoft Security Response Center, Microsoft Corporation


    Pete Voss, Senior Response Communications Manager, Microsoft Security Response Center, Microsoft Corporation



    Register now for the April security bulletin webcast.
  3. NICK ADSL UK
    Offline

    NICK ADSL UK Administrator

    ********************************************************************
    Title: Microsoft Security Bulletin Re-Releases
    Issued: April 26, 2012
    ********************************************************************

    Summary
    =======
    The following bulletins have undergone a major revision increment.
    Please see the appropriate bulletin for more details.

    * MS12-027 - Critical
    * MS12-APR

    Bulletin Information:
    =====================

    * MS12-027 - Critical

    - http://technet.microsoft.com/security/bulletin/ms12-027
    - Reason for Revision: V2.0 (April 26, 2012): Added Service Pack 1
    versions of SQL Server 2008 R2 to the Affected Software and
    added an entry to the update FAQ to explain which SQL Server
    2000 update to use based on version ranges. These are
    informational changes only. There were no changes to the security
    update files or detection logic. For a complete list of changes,
    see the entry to the section, Frequently Asked Questions (FAQ)
    Related to This Security Update.
    - Originally posted: April 10, 2012
    - Updated: April 26, 2012
    - Bulletin Severity Rating: Critical
    - Version: 2.0

    * MS12-APR

    - http://technet.microsoft.com/security/bulletin/ms12-APR
    - Reason for Revision: V2.0 (April 26, 2012): For MS12-027, added
    Service Pack 1 versions of SQL Server 2008 R2 to the Affected
    Software and clarified the Affected Software to show that the
    update applies to all installations of Microsoft SQL Server 2000
    Analysis Services Service Pack 4, as the QFE and GDR distinction
    does not apply to this product. These are informational changes
    only. There were no changes to the security update files or
    detection logic. Because the updates have been offered correctly
    since initial release, customers who have already successfully
    installed the updates do not need to take any action.
    - Originally posted: April 10, 2012
    - Updated: April 26, 2012
    - Version: 2.0
Thread Status:
Not open for further replies.