This month Microsoft have released nine (9) security bulletins of which three (3) have a maximum rating of Critical, and six (6) having a maximum rating of Important.
For Update Tuesday we’re also releasing nine security bulletins – three Critical-class and six Important – addressing 16 issues in Microsoft Windows, Internet Explorer, Visual Basic for Applications, and Microsoft Office. Customers should plan to install all of these updates as soon as possible. [1]
| Bulletin | KB number | Description | Severity | Impact | Software |
|---|---|---|---|---|---|
| MS12-043 | 2722479 | Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution | Remote Code Execution | Critical | Microsoft Windows, Microsoft Office, Microsoft Developer Tools, Microsoft Server Software |
| MS12-044 | 2719177 | Cumulative Security Update for Internet Explorer | Remote Code Execution | Critical | Microsoft Windows, Internet Explorer |
| MS12-045 | 2698365 | Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution | Remote Code Execution | Critical | Microsoft Windows |
| MS12-046 | 2707960 | Vulnerability in Visual Basic for Applications Could Allow Remote Code Execution | Remote Code Execution | Important | Microsoft Office, Microsoft Developer Tools |
| MS12-047 | 2718523 | Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege | Elevation of Privilege | Important | Microsoft Windows |
| MS12-048 | 2691442 | Vulnerability in Windows Shell Could Allow Remote Code Execution | Remote Code Execution | Important | Microsoft Windows |
| MS12-049 | 2655992 | Vulnerability in TLS Could Allow Information Disclosure | Information Disclosure | Important | Microsoft Windows |
| MS12-050 | 2695502 | Vulnerabilities in SharePoint Could Allow Elevation of Privilege | Elevation of Privilege | Important | Microsoft Office, Microsoft Server Software |
| MS12-051 | 2721015 | Vulnerability in Microsoft Office for Mac Could Allow Elevation of Privilege | Elevation of Privilege | Important | Microsoft Office |
PATCH NOW:
MS12-043 – The patch for the problem first described in SA 2719615. Is used according to Microsoft in limited targeted attacks.
MS12-044 – No publicly known exploits
MS12-045 – No publicly known exploits
LINKS:
[1.] Gadgets, certificate housekeeping and the July 2012 bulletins (2012-Jul-10) [MS: MSRC]
[2.] Microsoft July 2012 Black Tuesday Update – Overview (2012-Jul-10) [SANS]
[3.] Microsoft Security Bulletin Summary for July 2012 (2012-Jul-10) [MS]
[4.] Microsoft security updates for July 2012 (2012-Jul-10) [MS]
[1.] Gadgets, certificate housekeeping and the July 2012 bulletins (2012-Jul-10) [MS: MSRC]
[2.] Microsoft July 2012 Black Tuesday Update – Overview (2012-Jul-10) [SANS]
[3.] Microsoft Security Bulletin Summary for July 2012 (2012-Jul-10) [MS]
[4.] Microsoft security updates for July 2012 (2012-Jul-10) [MS]
0 Responses to “Patch <strike>Tuesday</strike> Wednesday (Jul-2012)”