This month Microsoft have released seven (7) security bulletins of which three (3) have a maximum rating of Critical, and four (4) having a maximum rating of Important.
For Update Tuesday we’re releasing seven security bulletins – three Critical-class and four Important – addressing 23 issues in Microsoft Windows, Office, Silverlight, and the .NET Framework. Customers should plan to install all of these updates as soon as possible. For those who must prioritize deployment, we recommend focusing on the following two critical updates first:
* MS12-034 (Microsoft Office, Windows, .NET Framework, and Silverlight): This security update addresses 10 issues affecting a cross section from Microsoft Windows , Office, Silverlight, and the Microsoft .NET Framework. The maximum severity for these issues is Critical and could result in remote code execution. To ensure protection all updates from this bulletin must be applied. We recommend that customers read through the bulletin information concerning MS12-034 and apply it as soon as possible.
* MS12-029 (Microsoft Word): This security update addresses one Critical issue affecting Microsoft Office that could result in remote code execution. Attack vectors for this issue include maliciously crafted websites and email. We recommend that customers read through the bulletin information concerning MS12-029 and apply it as soon as possible. [1]
| Bulletin | KB number | Description | Severity | Impact | Software |
|---|---|---|---|---|---|
| MS12-029 | 2680352 | Vulnerability in Microsoft Word Could Allow Remote Code Execution | Remote Code Execution | Critical | Microsoft Office |
| MS12-030 | 2663830 | Vulnerabilities in Microsoft Office Could Allow Remote Code Execution | Remote Code Execution | Important | Microsoft Office |
| MS12-031 | 2597981 | Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution | Remote Code Execution | Important | Microsoft Office |
| MS12-032 | 2688338 | Vulnerability in TCP/IP Could Allow Elevation of Privilege | Elevation of Privilege | Important | Microsoft Windows |
| MS12-033 | 2690533 | Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege | Elevation of Privilege | Important | Microsoft Windows |
| MS12-034 | 2681578 | Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight | Remote Code Execution | Critical | Microsoft Windows, Microsoft .NET Framework, Microsoft Silverlight, Microsoft Office |
| MS12-035 | 2693777 | Vulnerabilities in .NET Framework Could Allow Remote Code Execution | Remote Code Execution | Critical | Microsoft Windows, Microsoft .NET Framework |
PATCH NOW:
MS12-029
MS12-034 – known exploits
ISSUES:
* KB2686509 repeatedly fails with Error code 0x8007F0F4
[1.] Bulletin Management Process and the May 2012 Bulletins (2012-May-08) [MS: MSRC]
[2.] Microsoft May 2012 Black Tuesday Update – Overview (2012-May-08) [SANS]
[3.] Microsoft Security Bulletin Summary for May 2012 (2012-May-08) [MS]
[4.] Microsoft security updates for May 2012 (2012-May-08) [MS]
0 Responses to “Patch <strike>Tuesday</strike> Wednesday (May-2012)”