Microsoft Security Bulletin(s) for April 10, 2012

Microsoft Security Bulletin(s) for April 10, 2012
Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

http://technet.microsoft.com/en-us/security/bulletin/ms12-apr

Critical (4)

Microsoft Security Bulletin MS12-023
Cumulative Security Update for Internet Explorer (2675157)
http://technet.microsoft.com/en-us/security/bulletin/ms12-023

Microsoft Security Bulletin MS12-024
Vulnerability in Windows Could Allow Remote Code Execution (2653956)
http://technet.microsoft.com/en-us/security/bulletin/ms12-024

Microsoft Security Bulletin MS12-025
Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605)
http://technet.microsoft.com/en-us/security/bulletin/ms12-025

Microsoft Security Bulletin MS12-027
Vulnerability in Windows Common Controls Could Allow Remote Code Execution (266425
http://technet.microsoft.com/en-us/security/bulletin/ms12-027



Important (2)

Microsoft Security Bulletin MS12-026
Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)
http://technet.microsoft.com/en-us/security/bulletin/ms12-026

Microsoft Security Bulletin MS12-028
Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185)
http://technet.microsoft.com/en-us/security/bulletin/ms12-028






Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

 

TechNet Webcast: Information about Microsoft Security Bulletins for April (Level 200)

Event ID: 1032499650

Language(s): English.

Product(s): computer security and information security.


Audience(s): IT Decision Maker and IT Generalist.

Join us for a brief overview of the technical details of this month's Microsoft security bulletins. We intend to address your concerns in this webcast. Therefore, Microsoft security experts devote most of this webcast to answering the questions that you ask.

Starts: Wednesday, April 11, 2012 11:00 AM
Time zone: (GMT-08:00) Pacific Time (US & Canada)
Duration: 1 hour(s)


Presented By:


Jonathan Ness, Security Development Manager, Microsoft Security Response Center, Microsoft Corporation


Pete Voss, Senior Response Communications Manager, Microsoft Security Response Center, Microsoft Corporation



Register now for the April security bulletin webcast.

 

********************************************************************
Title: Microsoft Security Bulletin Re-Releases
Issued: April 26, 2012
********************************************************************

Summary
=======
The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS12-027 - Critical
* MS12-APR

Bulletin Information:
=====================

* MS12-027 - Critical

- http://technet.microsoft.com/security/bulletin/ms12-027
- Reason for Revision: V2.0 (April 26, 2012): Added Service Pack 1
versions of SQL Server 2008 R2 to the Affected Software and
added an entry to the update FAQ to explain which SQL Server
2000 update to use based on version ranges. These are
informational changes only. There were no changes to the security
update files or detection logic. For a complete list of changes,
see the entry to the section, Frequently Asked Questions (FAQ)
Related to This Security Update.
- Originally posted: April 10, 2012
- Updated: April 26, 2012
- Bulletin Severity Rating: Critical
- Version: 2.0

* MS12-APR

- http://technet.microsoft.com/security/bulletin/ms12-APR
- Reason for Revision: V2.0 (April 26, 2012): For MS12-027, added
Service Pack 1 versions of SQL Server 2008 R2 to the Affected
Software and clarified the Affected Software to show that the
update applies to all installations of Microsoft SQL Server 2000
Analysis Services Service Pack 4, as the QFE and GDR distinction
does not apply to this product. These are informational changes
only. There were no changes to the security update files or
detection logic. Because the updates have been offered correctly
since initial release, customers who have already successfully
installed the updates do not need to take any action.
- Originally posted: April 10, 2012
- Updated: April 26, 2012
- Version: 2.0