Sales
0161 215 3814
0800 953 0642
Support
0800 230 0032
0161 215 3711

December 2012 Microsoft Security Bulletin Release

This month there are seven security bulletins in the Microsoft Security Bulletin release:

  • 4 bulletin is rated as Critical
  • 3 bulletins are rated as Important
  • 6 bulletins addressing vulnerabilities that could lead to Remote Code Execution
Bulletin ID Maximum Severity Rating and Vulnerability Impact Restart Requirement Affected Software
MS12-077 Critical
Remote Code Execution
Requires restart Microsoft Windows,
Internet Explorer
Cumulative Security Update for Internet Explorer (2761465)
This security update resolves three privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS12-078 Critical
Remote Code Execution
Requires restart Microsoft Windows
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution
(2783534)

This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a malicious webpage that embeds TrueType or OpenType font files. An attacker would have to convince users to visit the website, typically by getting them to click a link in an email message that takes them to the attacker’s website.
MS12-079 Critical
Remote Code Execution
May require restart Microsoft Office
Vulnerability in Microsoft Word Could Allow Remote Code Execution (2780642)
This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Office software, or previews or opens a specially crafted RTF email message in Outlook while using Microsoft Word as the email viewer. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS12-080 Critical
Remote Code Execution
May require restart Microsoft Server Software
Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2784126)
This security update resolves publicly disclosed vulnerabilities and one privately reported vulnerability in Microsoft Exchange Server. The most severe vulnerabilities are in Microsoft Exchange Server WebReady Document Viewing and could allow remote code execution in the security context of the transcoding service on the Exchange server if a user previews a specially crafted file using Outlook Web App (OWA). The transcoding service in Exchange that is used for WebReady Document Viewing is running in the LocalService account. The LocalService account has minimum privileges on the local computer and presents anonymous credentials on the network.
MS12-081 Important
Remote Code Execution
May require restart Microsoft Windows
Vulnerability in Windows File Handling Component Could Allow Remote Code Execution (2758857)
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user browses to a folder that contains a file or subfolder with a specially crafted name. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS12-082 Important
Remote Code Execution
May require restart Microsoft Windows
Vulnerability in DirectPlay Could Allow Remote Code Execution (2770660)
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker convinces a user to view a specially crafted Office document with embedded content. An attacker who successfully exploits this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS12-083 Important
Security Feature Bypass
Requires restart Microsoft Windows
Vulnerability in IP-HTTPS Component Could Allow Security Feature Bypass (2765809)
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker presents a revoked certificate to an IP-HTTPS server commonly used in Microsoft DirectAccess deployments. To exploit the vulnerability, an attacker must use a certificate issued from the domain for IP-HTTPS server authentication. Logging on to a system inside the organization would still require system or domain credentials.

In summary, we are likely to see updates requiring reboots of servers this month. As usual, as a UKFast customer, you will benefit from these updates being applied automatically unless you have opted out of this service.

Share with:

Enjoy this article?