Page 47 of 50 FirstFirst ... 374344454647484950 LastLast
Results 461 to 470 of 500

Thread: Old MS Alerts

  1. #461
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,167

    Exclamation MS12-020 exploit in-the-wild ...

    FYI...

    Tool Exploiting MS12-020 Vulnerabilities ...
    - http://atlas.arbor.net/briefs/
    Severity: Elevated Severity
    Published: Wednesday, March 28, 2012 19:20
    An easy-to-use denial of service tool for the Microsoft Remote Desktop Protocol vulnerability has been released.
    Analysis: While a metasploit module has been available for some time, a new, easy-to-use point and click tool lowers the bar. Organizations that have yet to patch should do so...
    Source: http://www.f-secure.com/weblog/archives/00002338.html

    MS12-020 exploit in-the-wild ...
    - https://www.f-secure.com/weblog/archives/00002338.html
    March 27, 2012 - "Since the public release of Microsoft's MS12-020 bulletin, there have been plenty of attempts to exploit vulnerabilities in the Remote Desktop Protocol (RDP). Last week, we received a related sample, which turned out to be a tool called "RDPKill by: Mark DePalma" that was designed to kill targeted RDP service. The tool was written with Visual Basic 6.0, and has a simple user interface. We tested it on machines running on Windows XP 32-bit and Windows 7 64-bit... Both the Windows XP 32-bit and the Windows 7 64-bit computers were affected by the Denial of Service (DoS) attack. The service crashed and triggered a "Blue Screen of Death" (BSoD) condition*...
    * https://www.f-secure.com/weblog/arch...pkill_bsod.png
    We detect this tool as Hack-Tool:W32/RDPKill.A. (SHA-1: 1d131a5f17d86c712988a2d146dc73367f5e5917). Besides RDPKill.A, other similar tools and Metasploit module can also be found online. Due to their availability, an unpatched RDP server would be an easy target of DoS attack by attackers who might be experimenting with these tools. For those who still haven't patched their system, especially those running RDP service on their machines, we strongly advise that you to do so as soon as possible..."

    Last edited by AplusWebMaster; 2012-03-29 at 13:16.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #462
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,167

    Lightbulb MS Security Bulletin Advance Notification - April 2012

    FYI...

    - https://technet.microsoft.com/en-us/...letin/ms12-apr
    April 05, 2012 - "This is an advance notification of security bulletins that Microsoft is intending to release on April 10, 2012... (Total of -6-)

    Bulletin 1 - Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
    Bulletin 2 - Critical - Remote Code Execution - Requires restart - Microsoft Windows
    Bulletin 3 - Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft .NET Framework
    Bulletin 4 - Critical - Remote Code Execution - May require restart - Microsoft Office, Microsoft SQL Server, Microsoft Server Software, Microsoft Developer Tools
    Bulletin 5 - Important - Information Disclosure - May require restart - Microsoft Forefront United Access Gateway
    Bulletin 6 - Important - Remote Code Execution - May require restart - Microsoft Office
    ___

    - https://blogs.technet.com/b/msrc/arc...edirected=true
    5 Apr 2012 - "... 6 bulletins addressing 11 vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, Forefront UAG, and .NET Framework..."

    .
    Last edited by AplusWebMaster; 2012-04-07 at 13:06.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #463
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,167

    Exclamation MS Security Bulletin Summary - April 2012

    FYI...

    - http://technet.microsoft.com/en-us/s...letin/ms12-apr
    April 10, 2012 - "This bulletin summary lists security bulletins released for April 2012...
    (Total of -6-)

    Critical -4-

    Microsoft Security Bulletin MS12-023 - Critical
    Cumulative Security Update for Internet Explorer (2675157)
    - http://technet.microsoft.com/en-us/s...letin/ms12-023
    Critical - Remote Code Execution- Requires restart - Microsoft Windows, Internet Explorer

    Microsoft Security Bulletin MS12-024 - Critical
    Vulnerability in Windows Could Allow Remote Code Execution (2653956)
    - http://technet.microsoft.com/en-us/s...letin/ms12-024
    Critical - Remote Code Execution- Requires restart - Microsoft Windows

    Microsoft Security Bulletin MS12-025 - Critical
    Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605)
    - http://technet.microsoft.com/en-us/s...letin/ms12-025
    Critical - Remote Code Execution- May require restart - Microsoft Windows, Microsoft .NET Framework

    Microsoft Security Bulletin MS12-027 - Critical
    Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)
    - http://technet.microsoft.com/en-us/s...letin/ms12-027
    Critical - Remote Code Execution - May require restart - Microsoft Office, Microsoft SQL Server, Microsoft Server Software, Microsoft Developer Tools

    Important -2-

    Microsoft Security Bulletin MS12-026 - Important
    Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)
    - http://technet.microsoft.com/en-us/s...letin/ms12-026
    Important - Information Disclosure - May require restart - Microsoft Forefront United Access Gateway

    Microsoft Security Bulletin MS12-028 - Important
    Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185)
    - http://technet.microsoft.com/en-us/s...letin/ms12-028
    Important - Remote Code Execution - May require restart - Microsoft Office
    ___

    - https://blogs.technet.com/b/msrc/arc...edirected=true
    10 Apr 2012 - "... These bulletins will increase protection by addressing 11 CVEs. Customers should plan to install all of these updates as soon as possible. For those who must prioritize deployment, we recommend focusing first on these Critical updates:
    • MS12-027 (Windows Common Controls)...
    • MS12-023 (Internet Explorer)..."

    Bulletin Deployment Priority
    - https://blogs.technet.com/cfs-file.a..._5F00_Prio.png

    Severity and Exploitability Index
    - https://blogs.technet.com/cfs-file.a...ev_5F00_XI.png
    ___

    ISC Analysis
    - https://isc.sans.edu/diary.html?storyid=12949
    Last Updated: 2012-04-10 18:08:35 UTC
    ___

    - https://secunia.com/advisories/48724/ - MS12-023
    - https://secunia.com/advisories/48581/ - MS12-024
    - https://secunia.com/advisories/48785/ - MS12-025
    - https://secunia.com/advisories/48787/ - MS12-026
    - https://secunia.com/advisories/48786/ - MS12-027
    - https://secunia.com/advisories/48723/ - MS12-028

    - http://www.securitytracker.com/id/1026901 - MS12-023
    - http://www.securitytracker.com/id/1026906 - MS12-024
    - http://www.securitytracker.com/id/1026907 - MS12-025
    - http://www.securitytracker.com/id/1026909 - MS12-026
    - http://www.securitytracker.com/id/1026899 - MS12-027
    - http://www.securitytracker.com/id/1026900 - MS12-027
    - http://www.securitytracker.com/id/1026902 - MS12-027
    - http://www.securitytracker.com/id/1026903 - MS12-027
    - http://www.securitytracker.com/id/1026904 - MS12-027
    - http://www.securitytracker.com/id/1026905 - MS12-027
    - http://www.securitytracker.com/id/1026910 - MS12-028
    - http://www.securitytracker.com/id/1026911 - MS12-028
    ___

    MSRT
    - http://support.microsoft.com/?kbid=890830
    April 10, 2012 - Revision: 101.0
    (Recent additions)
    - http://www.microsoft.com/security/pc...-families.aspx
    ... added this release...
    • Bocinex
    • Claretore
    • Gamarue

    - https://blogs.technet.com/b/mmpc/arc...edirected=true
    10 Apr 2012

    Download:
    - http://www.microsoft.com/download/en...ylang=en&id=16
    File Name: Windows-KB890830-V4.7.exe - 14.9 MB
    - https://www.microsoft.com/download/e...s.aspx?id=9905
    x64 version of MSRT:
    File Name: Windows-KB890830-x64-V4.7.exe - 15.5 MB

    .
    Last edited by AplusWebMaster; 2012-04-11 at 08:55.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #464
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,167

    Exclamation MS12-025 .Net update affects printing ...

    FYI...

    MS12-025 .Net update affects printing ...
    - https://isc.sans.edu/diary.html?storyid=12994
    Last Updated: 2012-04-15 00:28:11 UTC - "... the most recent Microsoft .Net framework update may have affected printing from some applications. TurboTax* has released an update to address this issue in their software and Microsoft has updated the MS12-025 KB article** to indicate they are aware of the problem..."
    * http://turbotax.intuit.com/support/i.../SLN61229.html

    ** http://support.microsoft.com/kb/2671605
    Last Review: April 14, 2012 - Revision: 2.0
    "... Known issues with this security update: • We are currently aware of an issue with printing from a Windows Forms application. After the installation of these security updates, certain Windows Forms applications may not print, or may not honor specified printer settings when they do print. There is no impact on systems that do not use printing functionality from a .NET Framework Windows Forms application. The investigation into this issue is ongoing.
    Workaround: To print from an affected Windows Forms application, print the content to a file on your computer instead of directly printing to a printer device. For example, print to a PDF, XPS, or any other supported format file. You can then open the file that you created and print directly from there..."

    .NET Framework Parameter Validation Vulnerability
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-0163 - 9.3 (HIGH)

    - https://technet.microsoft.com/en-us/...letin/ms12-025
    V1.1 (April 13, 2012): Added a link to Microsoft Knowledge Base Article 2671605** under Known Issues in the Executive Summary.

    Last edited by AplusWebMaster; 2012-04-15 at 18:29.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #465
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,167

    Exclamation MS12-027 - FixIt solution Mscomctl.ocx

    FYI...

    Fix for an error in custom Office solutions that occurs after you install MS12-027
    - http://support.microsoft.com/kb/2703186/en-us
    Last Review: April 19, 2012 - Revision: 2.0 - "After you install the update solution in Office applications that use controls from Mscomctl.ocx, you may receive one or more of the following error messages:
    > Object library invalid or contains references to object definitions that could not be found
    > Element not found
    > Cannot insert object ...
    To enable or disable this fixit solution*, click the Fix it button or link under the Enable heading. Click Run in the File Download dialog box, and then follow the steps in the Fix it wizard...
    * http://go.microsoft.com/?linkid=9806938
    APPLIES TO:
    Microsoft Office Excel 2003
    Microsoft Office PowerPoint 2003
    Microsoft Office Word 2003
    Microsoft Office Excel 2007
    Microsoft Office PowerPoint 2007
    Microsoft Office Word 2007
    Microsoft Excel 2010
    Microsoft PowerPoint 2010
    Microsoft Word 2010 ..."
    ___

    - https://isc.sans.edu/diary.html?storyid=13063
    Apr 26, 2012 - "Packetstorm Security and Metasploit have Exploit code for MS12-027"

    - http://www.symantec.com/security_res...atconlearn.jsp
    Apr 20, 2012 - "... MS12-027... Microsoft reports that this vulnerability is being exploited in the wild in specially crafted Office documents in limited, targeted attacks. Customers are advised to install all applicable updates as soon as possible..."

    Last edited by AplusWebMaster; 2012-04-26 at 17:47.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #466
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,167

    Post MS SIRv12: Conficker...

    FYI...

    MS SIRv12: Conficker
    - http://www.theinquirer.net/inquirer/...ling-microsoft
    Apr 26 2012 - "... Microsoft has warned that the Conficker virus is still residing on millions of Windows machines. In its latest Security Intelligence Report, volume 12 (PDF*), the firm said that the worm had raised its head 220 million times in the last two and a half years. It said that it is one of the biggest threats to businesses and continues to be a problem because people insist on using crappy passwords..."

    SIRv12: Conficker
    - https://blogs.technet.com/b/mmpc/arc...edirected=true
    25 Apr 2012 - "... The nature of how later Conficker variants spread is the key to understanding what makes the worm so much more of an issue for businesses than for consumer users. Initially the worm spread through the Internet solely by exploiting a software vulnerability in the Windows Server service that had been addressed months earlier in Microsoft Security Bulletin MS08-067. About one month later, Conficker was updated to spread using the Autorun feature and weak passwords or stolen login tokens. The use of weak passwords and stolen login tokens was the change that gave it a foothold in the business sector environment...."
    > http://www.microsoft.com/technet/sec.../MS08-067.mspx

    Microsoft Security Intelligence Report volume 12
    * http://go.microsoft.com/?linkid=9807245
    PDF

    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #467
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,167

    Exclamation MS12-027 - Exploit in the Wild...

    FYI...

    Microsoft Security Bulletin MS12-027 - Critical
    Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)
    - https://technet.microsoft.com/en-us/...letin/ms12-027
    V2.0 (April 26, 2012): Added SP1 versions of SQL Server 2008 R2 to the Affected Software and added an entry to the update FAQ to explain which SQL Server 2000 update to use based on version ranges. These are informational changes only. There were no changes to the security update files or detection logic. For a complete list of changes, see the entry to the section, Frequently Asked Questions (FAQ) Related to This Security Update.

    MS12-027
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-0158 - 9.3 (HIGH)
    Last revised: 04/12/2012

    CVE-2012-0158 Exploit in the Wild
    - https://blogs.mcafee.com/mcafee-labs...it-in-the-wild
    April 23, 2012 - "... many specially crafted files exploiting CVE-2012-0158, a vulnerability in MSCOMCTL.OCX in Microsoft Office and some other Microsoft products. This exploit can be implemented in a variety of file formats, including RTF, Word, and Excel files. We have already found crafted RTF and Word files in the wild. In the malicious RTF, a vulnerable OLE file is embedded with \object and \objocx tags... always exercise caution when opening unsolicited emails..."

    Last edited by AplusWebMaster; 2012-05-03 at 09:48.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #468
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,167

    Exclamation MS Security Bulletin Advance Notification - May 2012

    FYI...

    - https://technet.microsoft.com/en-us/...letin/ms12-may
    May 03, 2012 - "This is an advance notification of security bulletins that Microsoft is intending to release on May 8, 2012... (Total of -7-)

    Bulletin 1 - Critical - Remote Code Execution - May require restart - Microsoft Office
    Bulletin 2 - Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft .NET Framework, Microsoft Silverlight, Microsoft Office
    Bulletin 3 - Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft .NET Framework
    Bulletin 4 - Important - Remote Code Execution - May require restart - Microsoft Office
    Bulletin 5 - Important - Remote Code Execution - May require restart - Microsoft Office
    Bulletin 6 - Important - Elevation of Privilege - Requires restart - Microsoft Windows
    Bulletin 7 - Important - Elevation of Privilege - Requires restart - Microsoft Windows
    ___

    - https://www.computerworld.com/s/arti..._for_next_week
    May 03, 2012 - "... to patch 23 bugs in Windows, Office and its Silverlight and .Net development platforms..."

    - http://h-online.com/-1568457
    4 May 2012

    .
    Last edited by AplusWebMaster; 2012-05-04 at 18:46.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #469
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,167

    Exclamation MS Security Bulletin Summary - May 2012

    FYI...

    - https://technet.microsoft.com/en-us/...letin/ms12-may
    May 08, 2012 - "This bulletin summary lists security bulletins released for May 2012...
    (Total of -7-)

    Critical -3-

    Microsoft Security Bulletin MS12-029 - Critical
    Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352)
    - https://technet.microsoft.com/en-us/...letin/MS12-029
    Critical - Remote Code Execution - May require restart - Microsoft Office

    Microsoft Security Bulletin MS12-034 - Critical
    Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578)
    - https://technet.microsoft.com/en-us/...letin/ms12-034
    Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft .NET Framework, Microsoft Silverlight, Microsoft Office

    Microsoft Security Bulletin MS12-035 - Critical
    Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777)
    - https://technet.microsoft.com/en-us/...letin/ms12-035
    Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft .NET Framework

    Important -4-

    Microsoft Security Bulletin MS12-030 - Important
    Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2663830)
    - https://technet.microsoft.com/en-us/...letin/ms12-030
    Important - Remote Code Execution - May require restart - Microsoft Office

    Microsoft Security Bulletin MS12-031 - Important
    Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2597981)
    - https://technet.microsoft.com/en-us/...letin/MS12-031
    Important - Remote Code Execution - May require restart - Microsoft Office

    Microsoft Security Bulletin MS12-032 - Important
    Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338)
    - https://technet.microsoft.com/en-us/...letin/ms12-032
    Important - Elevation of Privilege - Requires restart - Microsoft Windows

    Microsoft Security Bulletin MS12-033 - Important
    Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege (2690533)
    - https://technet.microsoft.com/en-us/...letin/ms12-033
    Important - Elevation of Privilege - Requires restart - Microsoft Windows
    ___

    - https://blogs.technet.com/b/msrc/arc...edirected=true

    Bulletin Deployment Priority
    - https://blogs.technet.com/cfs-filesy...5F00_Slide.PNG

    Severity and Exploitability Index
    - https://blogs.technet.com/cfs-filesy...5F00_Slide.PNG
    ___

    ISC Analysis
    - https://isc.sans.edu/diary.html?storyid=13159
    Last Updated: 2012-05-08 18:06:14 UTC

    - http://blogs.iss.net/archive/2012_05_MSFT_Super_T.html
    • MS12-034: Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight...
    -Ten- vulnerabilities are addressed in this update, three of which are listed as publicly disclosed. The updates touch many parts of the operating system...
    • MS12-035: Vulnerabilities in .NET Framework Could Allow Remote Code Execution
    Two more vulnerabilities in .NET are addressed... These are separate vulnerabilities, but each involve problems in code responsible for serializing/deserializing data from/into an object. Exploitation via specially crafted .NET code can result in arbitrary code execution...
    • MS12-029: Vulnerability in Microsoft Word Could Allow Remote Code Execution
    A single vulnerability in Microsoft Office's RTF parser is addressed... This vulnerability can be exploited for remote code execution... The RTF parser is shared among Office components so vulnerabilities in the parser can be exploited via an email in Outlook rendered as RTF as well as document attachments.
    ___

    - https://secunia.com/advisories/49111/ - MS12-029
    - https://secunia.com/advisories/49112/ - MS12-030
    - https://secunia.com/advisories/49113/ - MS12-031
    - https://secunia.com/advisories/49114/ - MS12-032
    - https://secunia.com/advisories/49115/ - MS12-033
    - https://secunia.com/advisories/49119/ - MS12-034
    - https://secunia.com/advisories/49120/ - MS12-034
    - https://secunia.com/advisories/49121/ - MS12-034
    - https://secunia.com/advisories/49122/ - MS12-034
    - https://secunia.com/advisories/49117/ - MS12-035

    - http://www.securitytracker.com/id/1027035 - MS12-029
    - http://www.securitytracker.com/id/1027041 - MS12-030
    - http://www.securitytracker.com/id/1027042 - MS12-031
    - http://www.securitytracker.com/id/1027044 - MS12-032
    - http://www.securitytracker.com/id/1027043 - MS12-033
    - http://www.securitytracker.com/id/1027038 - MS12-034
    - http://www.securitytracker.com/id/1027039 - MS12-034
    - http://www.securitytracker.com/id/1027040 - MS12-034
    - http://www.securitytracker.com/id/1027048 - MS12-034
    - http://www.securitytracker.com/id/1027035 - MS12-035
    ___

    MSRT
    - http://support.microsoft.com/?kbid=890830
    May 8, 2012 - Revision: 102.0
    (Recent additions)
    - http://www.microsoft.com/security/pc...-families.aspx
    ... added this release...
    • Dishigy
    • Unruy

    Download:
    - http://www.microsoft.com/download/en...ylang=en&id=16
    File Name: Windows-KB890830-V4.8.exe - 15.4 MB
    - https://www.microsoft.com/download/e...s.aspx?id=9905
    x64 version of MSRT:
    File Name: Windows-KB890830-x64-V4.8.exe - 16.0 MB

    .
    Last edited by AplusWebMaster; 2012-05-22 at 15:31.
    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #470
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    5,167

    Exclamation MS Security Advisory - Rollup for ActiveX Kill Bits

    FYI...

    Microsoft Security Advisory (2695962)
    Update Rollup for ActiveX Kill Bits
    - https://technet.microsoft.com/en-us/...visory/2695962
    May 08, 2012
    > http://support.microsoft.com/kb/2695962

    This machine has no brain.
    ....... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •