Microsoft Security Bulletin(s) for July 10, 2012

Discussion in 'other security issues & news' started by NICK ADSL UK, Jul 10, 2012.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,504
    Location:
    UK
    Microsoft Security Bulletin(s) for July 10, 2012
    Note: There may be latency issues due to replication, if the page does not display keep refreshing

    Today Microsoft released the following Security Bulletin(s).

    Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

    Bulletin Summary:

    http://technet.microsoft.com/en-us/security/bulletin/ms12-jul

    Critical (3)

    Microsoft Security Bulletin MS12-043 - Critical
    Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2722479)
    Published: Tuesday, July 10, 2012
    http://technet.microsoft.com/en-us/security/bulletin/ms12-043

    Microsoft Security Bulletin MS12-044 - Critical
    Cumulative Security Update for Internet Explorer (2719177)
    Published: Tuesday, July 10, 2012
    http://technet.microsoft.com/en-us/security/bulletin/ms12-044

    Microsoft Security Bulletin MS12-045 - Critical
    Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (2698365)
    Published: Tuesday, July 10, 2012
    http://technet.microsoft.com/en-us/security/bulletin/ms12-045

    Important (6)

    Microsoft Security Bulletin MS12-046 - Important
    Vulnerability in Visual Basic for Applications Could Allow Remote Code Execution (2707960)
    Published: Tuesday, July 10, 2012
    http://technet.microsoft.com/en-us/security/bulletin/ms12-046

    Microsoft Security Bulletin MS12-047 - Important
    Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2718523)
    Published: Tuesday, July 10, 2012
    http://technet.microsoft.com/en-us/security/bulletin/ms12-047

    Microsoft Security Bulletin MS12-048 - Important
    Vulnerability in Windows Shell Could Allow Remote Code Execution (2691442)
    Published: Tuesday, July 10, 2012
    http://technet.microsoft.com/en-us/security/bulletin/ms12-048

    Microsoft Security Bulletin MS12-049 - Important
    Vulnerability in TLS Could Allow Information Disclosure (2655992)
    Published: Tuesday, July 10, 2012
    http://technet.microsoft.com/en-us/security/bulletin/ms12-049

    Microsoft Security Bulletin MS12-050 - Important
    Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2695502)
    Published: Tuesday, July 10, 2012 | Updated: Tuesday, July 10, 2012
    http://technet.microsoft.com/en-us/security/bulletin/ms12-050

    Microsoft Security Bulletin MS12-051 - Important
    Vulnerability in Microsoft Office for Mac Could Allow Elevation of Privilege (2721015)
    Published: Tuesday, July 10, 2012
    http://technet.microsoft.com/en-us/security/bulletin/ms12-051


    Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should Contact
    Microsoft Customer Service and Support
    •To contact Microsoft Customer Service and Support, telephone (800) MICROSOFT (642-7676).
    •In Canada, call (877)568-2495.
    •Microsoft Customer Service hours of operation:◦Monday through Friday, 5:00 AM - 9:00 PM Pacific Time
    ◦Saturday and Sunday, 6:00 AM – 3:00 PM Pacific Time

    You can also contact Microsoft Support by email and chat, visit the following Microsoft Website for details:
    http://support.microsoft.com/contactus

    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

    Security Tool
    Find out if you are missing important Microsoft product updates by using MBSA.
     
    NICK ADSL UK, Jul 10, 2012
    #1
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,504
    Location:
    UK
    TechNet Webcast: Information about Microsoft Security Bulletins for July

    Event ID: 1032518600



    Language(s): English.

    Product(s): computer security and information security.

    Audience(s): IT Decision Maker, IT Generalist and IT Manager.


    Starts: Wednesday, July 11, 2012 11:00 AM
    Time zone: (GMT-08:00) Pacific Time (US & Canada)
    Duration: 1 hour(s)

    Join us for a brief overview of the technical details of this month's Microsoft security bulletins. We intend to address your concerns in this webcast. Therefore, Microsoft security experts devote most of this webcast to answering the questions that you ask.

    Presented by:

    Dustin Childs, Senior Security Program Manager, Microsoft Security Response Center, Microsoft Corporation

    and

    Jonathan Ness, Principal Security Development Lead, Microsoft Corporation



    Register now for the July security bulletin webcast.
     
    NICK ADSL UK, Jul 10, 2012
    #2
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,504
    Location:
    UK
    This DVD5 ISO image file contains the security updates for Windows released on Windows Update on July 10, 2012. The image does not contain security updates for other Microsoft products. This DVD5 ISO image is intended for administrators that need to download multiple individual language versions of each security update and that do not use an automated solution such as Windows Server Update Services (WSUS). You can use this ISO image to download multiple updates in all languages at the same time.


    http://www.microsoft.com/en-us/download/confirmation.aspx?id=30313
     
    NICK ADSL UK, Jul 10, 2012
    #3
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,504
    Location:
    UK
    ********************************************************************
    Title: Microsoft Security Bulletin Minor Revisions
    Issued: July 10, 2012
    ********************************************************************

    Summary
    =======
    The following bulletins have undergone a minor revision increment.
    Please see the appropriate bulletin for more details.


    * MS11-044 - Critical
    * MS11-078 - Critical
    * MS11-100 - Critical
    * MS12-016 - Critical
    * MS12-035 - Critical
    * MS12-036 - Critical
    * MS12-050 - Important
    * MS12-JUL



    Bulletin Information:
    =====================

    * MS11-044 - Critical

    - http://technet.microsoft.com/security/bulletin/ms11-044
    - Reason for Revision: V1.3 (July 10, 2012): Microsoft revised
    this bulletin to communicate a minor detection change for
    KB2518864 for Microsoft .NET Framework 2.0 Service Pack 2 and
    Microsoft .NET Framework 3.5 Service Pack 1 to correct an
    offering issue. There were no changes to the security update
    files. Customers who have already successfully updated their
    systems do not need to take any action.
    - Originally posted: June 14, 2011
    - Updated: July 10, 2012
    - Bulletin Severity Rating: Critical
    - Version: 1.3

    * MS11-078 - Critical

    - http://technet.microsoft.com/security/bulletin/ms11-078
    - Reason for Revision: V1.3 (July 10, 2012): Microsoft revised
    this bulletin to communicate a minor detection change for
    KB2572073 for Microsoft .NET Framework 2.0 Service Pack 2 to
    correct an offering issue. There were no changes to the security
    update files. Customers who have already successfully updated
    their systems do not need to take any action.
    - Originally posted: October 11, 2011
    - Updated: July 10, 2012
    - Bulletin Severity Rating: Critical
    - Version: 1.3

    * MS11-100 - Critical

    - http://technet.microsoft.com/security/bulletin/ms11-100
    - Reason for Revision: V1.6 (July 10, 2012): Microsoft revised
    this bulletin to communicate a minor detection change for
    KB2657424 for Microsoft .NET Framework 3.5 Service Pack 1 to
    correct an offering issue. There were no changes to the security
    update files. Customers who have already successfully updated
    their systems do not need to take any action.
    - Originally posted: December 29, 2011
    - Updated: Tuesday, July 10, 2012
    - Bulletin Severity Rating: Critical
    - Version: 1.6

    * MS12-016 - Critical

    - http://technet.microsoft.com/security/bulletin/ms12-016
    - Reason for Revision: V1.3 (July 10, 2012): Microsoft revised
    this bulletin to communicate a minor detection change for
    KB2633880 for Microsoft .NET Framework 2.0 Service Pack 2 to
    correct an offering issue. There were no changes to the security
    update files. Customers who have already successfully updated
    their systems do not need to take any action.
    - Originally posted: February 14, 2012
    - Updated: July 10, 2012
    - Bulletin Severity Rating: Critical
    - Version: 1.3

    * MS12-035 - Critical

    - http://technet.microsoft.com/security/bulletin/ms12-035
    - Reason for Revision: V2.2 (July 10, 2012): Microsoft revised
    this bulletin to communicate a minor detection change for
    KB2604111 for Microsoft .NET Framework 3.5 Service Pack 1 to
    correct an offering issue. There were no changes to the security
    update files. Customers who have already successfully updated
    their systems do not need to take any action.
    - Originally posted: May 08, 2012
    - Updated: Tuesday, July 10, 2012
    - Bulletin Severity Rating: Critical
    - Version: 2.2

    * MS12-036 - Critical

    - http://technet.microsoft.com/security/bulletin/ms12-036
    - Reason for Revision: V1.2 (July 10, 2012): Removed MS11-065 as
    a bulletin replaced by the KB2685939 update for Windows XP
    Service Pack 3, Windows XP Professional x64 Edition Service
    Pack 2, Windows Server 2003 Service Pack 2, Windows Server
    2003 x64 Edition Service Pack 2, and Windows Server 2003
    with SP2 for Itanium-based Systems. This is an informational
    change only. There were no changes to the detection logic or
    the update files.
    - Originally posted: June 12, 2012
    - Updated: July 10, 2012
    - Bulletin Severity Rating: Critical
    - Version: 1.2

    * MS12-050 - Important

    - http://technet.microsoft.com/security/bulletin/ms12-050
    - Reason for Revision: V1.1 (July 10, 2012): Downgraded the
    severity rating for the SharePoint Search Scope Vulnerability,
    CVE-2012-1860, from Important to Moderate for all affected
    software. This is an informational change only.
    - Originally posted: July 10, 2012
    - Updated: July 10, 2012
    - Bulletin Severity Rating: Important
    - Version: 1.1

    * MS12-JUL

    - http://technet.microsoft.com/security/bulletin/ms12-JUL
    - Reason for Revision: V1.1 (July 10, 2012): Removed
    CVE-2012-1860 from the Exploitability Index because the
    vulnerability has a Moderate severity rating. Only
    vulnerabilities that have a severity rating of Critical or
    Important in the bulletins are included in the
    Exploitability Index.
    - Originally posted: July 10, 2012
    - Updated: July 10, 2012
    - Version: 1.1
     
    NICK ADSL UK, Jul 11, 2012
    #4
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...