May 2012 - Microsoft Releases 7 Security Advisories

  Severity: HIGH
  Advisory Date: MAY 08, 2012

  DESCRIPTION

Microsoft addresses the following vulnerabilities in its May batch of patches:



  • (MS12-029) Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352)
    Risk Rating: Critical

    A vulnerability exists in the way affected versions of MS Office parse RTF data. An attacker could send a target a specially crafted RTF file to exploit this vulnerability. More information is found here.


  • (MS12-030) Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2663830)
    Risk Rating: Important

    This security update resolves a vulnerability found in Windows Authenticode Signature Verification. The vulnerability exists in the way this function verifies portable executable (PE) files. Read more here.


  • (MS12-031) Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2597981)
    Risk Rating: Important

    A vulnerability in the way MS Visio handles specially crafted files could allow an attacker to take control of the vulnerable system. Users logged on with fewer privileges on the affected system are less impacted by this vulnerability. Read more here.


  • (MS12-032) Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338)
    Risk Rating: Important

    This update resolves two vulnerabilities in affected Windows versions. When exploited, the more critical of these vulnerabilities could allow an attacker to elevate privileges on the affected computer. More information can be found here.


  • (MS12-033) Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege (2690533)
    Risk Rating: Important

    A vulnerability in the way Windows Partition Manager handles device relation requests could allow an attacker to run code on an affected system. When successfully exploited, the attacker can run programs or change data. Read more here.


  • (MS12-034) Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578)
    Risk Rating: Critical

    This bulletin addresses a number of vulnerabilities reported for Windows, MS Office, .NET Framework, and Silverlight. It replaces several earlier bulletins issued for some vulnerabilities. Read more here.


  • (MS12-035) Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777)
    Risk Rating: Critical

    This update resolves vulnerabilities in some versions of the .NET Framework. When a vulnerable system accesses a specially crafted webpage via a browser that runs XAML Browser Applications (XBAPs), the system may be exploited by an attacker to execute code remotely. Read more here.


  TREND MICRO PROTECTION INFORMATION

Trend Micro Deep Security shields the following vulnerabilities using the specified rules. Trend Micro customers using OfficeScan with the Intrusion Defense Firewall plugin are also protected from attacks using these vulnerabilities.

| Microsoft Bulletin ID | Vulnerability ID | Rule Number & Title | Deep Security Pattern Version | Deep Security Pattern Release Date |
|---|---|---|---|---|
| MS12-029 | CVE-2012-0183 | 1005004 - RTF Mismatch Vulnerability (CVE-2012-0183) | 12-012 | May 8, 2012 |
| MS12-030 | CVE-2012-0141 | 1005011 - Excel File Format Memory Corruption Vulnerability (CVE-2012-0141) | 12-012 | May 8, 2012 |
| | CVE-2012-0142 | 1005002 - Excel File Format Memory Corruption In OBJECTLINK Record Vulnerability (CVE-2012-0142) | 12-012 | May 8, 2012 |
| | CVE-2012-0143 | 1005007 - Excel Memory Corruption Using Various Modified Bytes Vulnerability (CVE-2012-0143) | 12-013 | May 11, 2012 |
| | CVE-2012-0185 | 1005010 - Excel MergeCells Record Heap Overflow Vulnerability (CVE-2012-0185) | 12-013 | May 11, 2012 |
| | CVE-2012-1847 | 1005018 - Excel Series Record Parsing Type Mismatch Could Result in Remote Code Execution Vulnerability (CVE-2012-1847) | 12-013 | May 11, 2012 |
| | CVE-2012-0184 | 1005005 - Microsoft Excel SXLI Record Memory Corruption Vulnerability (CVE-2012-0184) | 12-012 | May 8, 2012 |
| MS12-031 | CVE-2012-0018 | 1005026 - Microsoft Visio Viewer VSD File Format Remote Code Execution Vulnerability (CVE-2012-0018) | 12-014 | May 22, 2012 |
| MS12-034 | CVE-2012-0159 | 1005009 - Win32k TrueType Font Parsing Vulnerability (CVE-2012-0159) | 12-012 | May 8, 2012 |
| | CVE-2012-0162 | 1005009 - .NET Framework Buffer Allocation Vulnerability (CVE-2012-0162) | 12-012 | May 8, 2012 |
| MS12-035 | CVE-2012-0160 | 1005003 - Microsoft .NET Framework Parameter Validation Vulnerability-2 (CVE-2012-0160) | 12-012 | May 8, 2012 |
| | CVE-2012-0161 | 1005006 - .NET Framework Serialization Vulnerability (CVE-2012-0161) | 12-012 | May 8, 2012 |
| | CVE-2012-0167 | 1005015 - Microsoft GDI Heap Overflow Vulnerability (CVE-2012-0167) | 12-013 | May 11, 2012 |
| | CVE-2012-0165 | 1005016 - Microsoft GDI Record Type Vulnerability (CVE-2012-0165) | 12-013 | May 11, 2012 |
| | CVE-2012-0165 | 1005014 - Restrict Microsoft Office File With Embedded EMF | 12-013 | May 11, 2012 |

  SOLUTION