MyCERT Advisories

MyCERT Advisories, Alerts and Summaries for the year 2012

MA-312.052012 : MyCERT Alert - Microsoft Security Bulletin Summary For May 2012

Date of publication: 2012-05-10

1.0 Introduction

Microsoft has released 7 security bulletins for May 2012. Three of them are rated Critical and four of them are rated Important.


2.0 The Critical vulnerabilities are listed below:

    2.1 Vulnerability in Microsoft Word Could Allow Remote Code Execution

    This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted RTF file. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    Patch: http://go.microsoft.com/fwlink/?LinkId=248419


    2.2 Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight

    This security update resolves three publicly disclosed vulnerabilities and seven privately reported vulnerabilities in Microsoft Office, Microsoft Windows, the Microsoft .NET Framework, and Microsoft Silverlight. The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a malicious webpage that embeds TrueType font files. An attacker would have no way to force users to visit a malicious website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker's website.

    Patch: http://go.microsoft.com/fwlink/?LinkId=251038


    2.3 Vulnerabilities in .NET Framework Could Allow Remote Code Execution

    This security update resolves two privately reported vulnerabilities in the .NET Framework. The vulnerabilities could allow remote code execution on a client system if a user views a specially crafted webpage using a web browser that can run XAML Browser Applications (XBAPs). Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    Patch: http://go.microsoft.com/fwlink/?LinkId=246970


3.0 The Important vulnerabilities are listed below:

    3.1 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution

    This security update resolves one publicly disclosed and five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Office file. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    Patch: http://go.microsoft.com/fwlink/?LinkId=238499


    3.2 Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution

    This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    Patch: http://go.microsoft.com/fwlink/?LinkId=248385


    3.3 Vulnerability in TCP/IP Could Allow Elevation of Privilege

    This security update resolves one privately reported and one publicly disclosed vulnerability in Microsoft Windows. The more severe of these vulnerabilities could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application.

    Patch: http://go.microsoft.com/fwlink/?LinkId=246964


    3.4 Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege

    This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.

    Patch: http://go.microsoft.com/fwlink/?LinkId=247902


4.0 Recommendations

Users are advised to apply the updates immediately. All of the patches can be applied almost automatically via the Windows Update application.

Instructions for performing a Windows Update are available at the following URL:
http://www.mycert.org.my/en/resources/os/main/main/detail/707/index.html

 

Generally, MyCERT advises users of this software to keep up to date with the latest security announcements from the vendor. For further enquiries, please contact MyCERT through the following channels:

E-mail : mycert@mycert.org.my
Phone : 1-300-88-2999 (monitored during business hours)
Fax : +603 89453442
Handphone : +60 19 2665850 (24x7 call incident reporting)
SMS : CYBER999 REPORT to 15888
Business Hours : Mon - Fri 08:30 - 17:30 MYT
Web: http://www.mycert.org.my

5.0 References

i - http://technet.microsoft.com/en-us/security/bulletin/ms12-may
ii - http://blogs.technet.com/b/msrc/archive/2012/05/08/bulletin-management-process-and-the-may-2012-bulletins.aspx