Old MS Alerts

[AplusWebMaster]

FYI...

Microsoft Security Bulletin MS12-027 - Critical
Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)
- https://technet.microsoft.com/en-us/...letin/ms12-027
• V2.0 (April 26, 2012): Added SP1 versions of SQL Server 2008 R2 to the Affected Software and added an entry to the update FAQ to explain which SQL Server 2000 update to use based on version ranges. These are informational changes only. There were no changes to the security update files or detection logic. For a complete list of changes, see the entry to the section, Frequently Asked Questions (FAQ) Related to This Security Update.

MS12-027
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-0158 - 9.3 (HIGH)
Last revised: 04/12/2012

CVE-2012-0158 Exploit in the Wild
- https://blogs.mcafee.com/mcafee-labs...it-in-the-wild
April 23, 2012 - "... many specially crafted files exploiting CVE-2012-0158, a vulnerability in MSCOMCTL.OCX in Microsoft Office and some other Microsoft products. This exploit can be implemented in a variety of file formats, including RTF, Word, and Excel files. We have already found crafted RTF and Word files in the wild. In the malicious RTF, a vulnerable OLE file is embedded with \object and \objocx tags... always exercise caution when opening unsolicited emails..."

[AplusWebMaster]

FYI...

- https://technet.microsoft.com/en-us/...letin/ms12-may
May 08, 2012 - "This bulletin summary lists security bulletins released for May 2012...
(Total of -7-)

Critical -3-

Microsoft Security Bulletin MS12-029 - Critical
Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352)
- https://technet.microsoft.com/en-us/...letin/MS12-029
Critical - Remote Code Execution - May require restart - Microsoft Office

Microsoft Security Bulletin MS12-034 - Critical
Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578)
- https://technet.microsoft.com/en-us/...letin/ms12-034
Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft .NET Framework, Microsoft Silverlight, Microsoft Office

Microsoft Security Bulletin MS12-035 - Critical
Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777)
- https://technet.microsoft.com/en-us/...letin/ms12-035
Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft .NET Framework

Important -4-

Microsoft Security Bulletin MS12-030 - Important
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2663830)
- https://technet.microsoft.com/en-us/...letin/ms12-030
Important - Remote Code Execution - May require restart - Microsoft Office

Microsoft Security Bulletin MS12-031 - Important
Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2597981)
- https://technet.microsoft.com/en-us/...letin/MS12-031
Important - Remote Code Execution - May require restart - Microsoft Office

Microsoft Security Bulletin MS12-032 - Important
Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338)
- https://technet.microsoft.com/en-us/...letin/ms12-032
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS12-033 - Important
Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege (2690533)
- https://technet.microsoft.com/en-us/...letin/ms12-033
Important - Elevation of Privilege - Requires restart - Microsoft Windows
___

- https://blogs.technet.com/b/msrc/arc...edirected=true

Bulletin Deployment Priority
- https://blogs.technet.com/cfs-filesy...5F00_Slide.PNG

Severity and Exploitability Index
- https://blogs.technet.com/cfs-filesy...5F00_Slide.PNG
___

ISC Analysis
- https://isc.sans.edu/diary.html?storyid=13159
Last Updated: 2012-05-08 18:06:14 UTC

- http://blogs.iss.net/archive/2012_05_MSFT_Super_T.html
• MS12-034: Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight...
-Ten- vulnerabilities are addressed in this update, three of which are listed as publicly disclosed. The updates touch many parts of the operating system...
• MS12-035: Vulnerabilities in .NET Framework Could Allow Remote Code Execution
Two more vulnerabilities in .NET are addressed... These are separate vulnerabilities, but each involve problems in code responsible for serializing/deserializing data from/into an object. Exploitation via specially crafted .NET code can result in arbitrary code execution...
• MS12-029: Vulnerability in Microsoft Word Could Allow Remote Code Execution
A single vulnerability in Microsoft Office's RTF parser is addressed... This vulnerability can be exploited for remote code execution... The RTF parser is shared among Office components so vulnerabilities in the parser can be exploited via an email in Outlook rendered as RTF as well as document attachments.
___

- https://secunia.com/advisories/49111/ - MS12-029
- https://secunia.com/advisories/49112/ - MS12-030
- https://secunia.com/advisories/49113/ - MS12-031
- https://secunia.com/advisories/49114/ - MS12-032
- https://secunia.com/advisories/49115/ - MS12-033
- https://secunia.com/advisories/49119/ - MS12-034
- https://secunia.com/advisories/49120/ - MS12-034
- https://secunia.com/advisories/49121/ - MS12-034
- https://secunia.com/advisories/49122/ - MS12-034
- https://secunia.com/advisories/49117/ - MS12-035

- http://www.securitytracker.com/id/1027035 - MS12-029
- http://www.securitytracker.com/id/1027041 - MS12-030
- http://www.securitytracker.com/id/1027042 - MS12-031
- http://www.securitytracker.com/id/1027044 - MS12-032
- http://www.securitytracker.com/id/1027043 - MS12-033
- http://www.securitytracker.com/id/1027038 - MS12-034
- http://www.securitytracker.com/id/1027039 - MS12-034
- http://www.securitytracker.com/id/1027040 - MS12-034
- http://www.securitytracker.com/id/1027048 - MS12-034
- http://www.securitytracker.com/id/1027035 - MS12-035
___

MSRT
- http://support.microsoft.com/?kbid=890830
May 8, 2012 - Revision: 102.0
(Recent additions)
- http://www.microsoft.com/security/pc...-families.aspx
... added this release...
• Dishigy
• Unruy

Download:
- http://www.microsoft.com/download/en...ylang=en&id=16
File Name: Windows-KB890830-V4.8.exe - 15.4 MB
- https://www.microsoft.com/download/e...s.aspx?id=9905
x64 version of MSRT:
File Name: Windows-KB890830-x64-V4.8.exe - 16.0 MB

.

[AplusWebMaster]

FYI...

Microsoft Security Advisory (2695962)
Update Rollup for ActiveX Kill Bits
- https://technet.microsoft.com/en-us/...visory/2695962
May 08, 2012
> http://support.microsoft.com/kb/2695962

[AplusWebMaster]

FYI...

MS12-034 buggy...

- http://support.microsoft.com/kb/2686509
Article ID: 2686509 - Last Review: May 16, 2012 - Revision: 3.0

Maurice N - MS MVP 2002-2010 - AumHa moderator & VSOP - DTS-L - malwarebytes.org forum moderator
- http://answers.microsoft.com/en-us/w...4-793d01b483db
May 9, 2012 - "... Open Internet Explorer (only!) to
- http://support.microsoft.com/kb/923737 [ignore any DOES NOT APPLY warnings as well as the APPLIES TO section] & run the Fix It.
Note=> For optimal results, check the Delete personal settings option.
1a. Open Internet Explorer (only!) to
- http://support.microsoft.com/kb/910336 [ignore the title & Symptoms].
1b. Dismiss/close the "automated troubleshooter" pop-up! - then...
1c. Ignoring any "Not recommended" or similar warnings, run Fix It 50202 in DEFAULT mode (if on a later run you still have the same failure, then repeat the above steps & then select the Agressive mode).
2. Reboot & then run a manual check for updates at Windows Update, etc., etc...
When you reach Windows Update, do a Custom scan for updates. Take (accept) the ones marked Critical or Important.
Decline any that are marked as "optional".
Have infinite patience while it scans and does it's work.
When it prompts you to Restart Windows, please do that. Allow it to restart.
Visit Windows Update via Start >> All Programs >> Windows Update
or Internet Explorer >> Tools >> Windows Update "

-or-

MS12-034: KB2686509 - Failure - due to remapping of a key
- https://social.technet.microsoft.com...-of-a-key.aspx

-or-

Problem with MS12-034 / KB 2676562 patch
- http://www.askwoody.com/2012/problem...2676562-patch/
May 9, 2012

[AplusWebMaster]

FYI...

Windows XP in update loop
- http://h-online.com/-1582649
23 May 2012 - "Users of Windows XP are reporting more problems with recent automatic updates. Three security updates for .NET Framework 2.0 and 3.5 are at the centre of the problem, labelled as patches KB2518664, KB2572073 and KB2633880 in Windows XP's automatic update feature.
On affected systems, the installation of these patches proceeds without error but after a short time, the update service says it would like to install them again and will keep reinstalling the patches if allowed. Microsoft's general advice in this situation is to reset Windows Update components*, though it has yet to offer any specific advice. It is interesting to note that the three patches in question were -not- released on Microsoft's official patch day."
* http://support.microsoft.com/kb/910339
Last Review: May 18, 2012 - Revision: 14.1

MS11-044: http://support.microsoft.com/kb/2518864
Last Review: May 15, 2012 - Revision: 3.1
MS11-078: http://support.microsoft.com/kb/2572073
Last Review: October 11, 2011 - Revision: 1.1
MS12-016: http://support.microsoft.com/kb/2633880
Last Review: February 14, 2012 - Revision: 1.0
___

- http://msmvps.com/blogs/bradley/arch...ft-update.aspx
"... Now fixed, and the Microsoft securty bulletin alert indicates that some of these updates got a detection change..."

- https://technet.microsoft.com/en-us/...letin/ms12-035
• V2.1 (May 22, 2012): Added entry to the update FAQ to announce a detection change for KB2604092 for Microsoft .NET Framework 2.0 Service Pack 2 and KB2604110 for Microsoft .NET Framework 3.0 Service Pack 2 to correct an installation issue...