
February 2012 Security Bulletin Release

As mentioned in February’s advance notification post, this month’s security bulletin release is now confirmed to contain 9 bulletins addressing 21 vulnerabilities.

The following table shows the affected software by bulletin, the likelihood that an operating system restart will be required, and the services this may affect:

| Bulletin ID | Bulletin Title and Executive Summary | Maximum Severity Rating and Vulnerability Impact | Restart Requirement | Affected Software |
| --- | --- | --- | --- | --- |
| MS12-008 | **Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465)** This security update resolves a privately reported vulnerability and a publicly disclosed vulnerability in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if a user visits a website containing specially crafted content or if a specially crafted application is run locally. An attacker would have no way to force users to visit a malicious website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker’s website. | Critical; Remote Code Execution | Requires restart | Microsoft Windows |
| MS12-010 | **Cumulative Security Update for Internet Explorer (2647516)** This security update resolves four privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | Critical; Remote Code Execution | May require restart | Microsoft Windows, Internet Explorer |
| MS12-013 | **Vulnerability in C Run-Time Library Could Allow Remote Code Execution (2654428)** This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted media file that is hosted on a website or sent as an email attachment. An attacker who successfully exploited the vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | Critical; Remote Code Execution | Requires restart | Microsoft Windows |
| MS12-016 | **Vulnerabilities in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2651026)** This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. The vulnerabilities could allow remote code execution on a client system if a user views a specially crafted web page using a web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | Critical; Elevation of Privilege | May require restart | Microsoft .NET Framework, Microsoft Silverlight |
| MS12-009 | **Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege (2645640)** This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to a user’s system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerabilities. | Important; Elevation of Privilege | Requires restart | Microsoft Windows |
| MS12-011 | **Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2663841)** This security update resolves three privately reported vulnerabilities in Microsoft SharePoint and Microsoft SharePoint Foundation. These vulnerabilities could allow elevation of privilege or information disclosure if a user clicked a specially crafted URL. | Important; Elevation of Privilege | May require restart | Microsoft Office, Microsoft Server Software |
| MS12-012 | **Vulnerability in Color Control Panel Could Allow Remote Code Execution (2643719)** This security update resolves one publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .icm or .icc file) that is located in the same directory as a specially crafted dynamic link library (DLL) file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | Important; Remote Code Execution | May require restart | Microsoft Windows |
| MS12-014 | **Vulnerability in Indeo Codec Could Allow Remote Code Execution (2661637)** This security update resolves one publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .avi file) that is located in the same directory as a specially crafted dynamic link library (DLL) file. An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | Important; Remote Code Execution | May require restart | Microsoft Windows |
| MS12-015 | **Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2663510)** This security update resolves five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | Important; Remote Code Execution | May require restart | Microsoft Office |

View Microsoft’s deployment priority guidance, which assists in deployment planning. You can also view the risk and impact graph for an aggregate view of this month’s severity and exploitability index.

In summary, we are likely to see updates requiring reboots of servers this month. As usual, as a UKFast customer, you will benefit from these updates being applied automatically unless you have opted out of this service.
