March 2012- Microsoft Releases 6 Security Advisories

  Severity: HIGH
  Advisory Date: MAR 13, 2012

  DESCRIPTION

Microsoft addresses the following vulnerabilities in its March batch of patches:

  • (MS12-017) Vulnerability in DNS Server Could Allow Denial of Service (2647170)
    Risk Rating: Important

    This update resolves a privately reported vulnerability in Microsoft Windows that could allow denial of service if a remote unauthenticated attacker sends a specially crafted DNS query to the target DNS server. Read more here.


  • (MS12-018) Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2641653)
    Risk Rating: Important

    This update resolves a privately reported vulnerability in Microsoft Windows that could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. Read more here.


  • (MS12-019) Vulnerability in DirectWrite Could Allow Denial of Service (2665364)
    Risk Rating: Medium

    This update resolves a publicly disclosed vulnerability in Windows DirectWrite. In an Instant Messenger-based attack scenario, the vulnerability could allow denial of service if an attacker sends a specially crafted sequence of Unicode characters directly to an Instant Messenger client. Read more here.


  • (MS12-020) Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)
    Risk Rating: Critical

    This security update resolves two privately reported vulnerabilities in the Remote Desktop Protocol. The more severe of these vulnerabilities could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. Read more here.


  • (MS12-021) Vulnerability in Visual Studio Could Allow Elevation of Privilege (2651019)
    Risk Rating: Important

    This security update resolves one privately reported vulnerability in Visual Studio. The vulnerability could allow elevation of privilege if an attacker places a specially crafted add-in in the path used by Visual Studio and convinces a user with higher privileges to start Visual Studio. Read more here.


  • (MS12-022) Vulnerability in Expression Design Could Allow Remote Code Execution (2651018)
    Risk Rating: Important

    This security update resolves one privately reported vulnerability in Microsoft Expression Design. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .xpr or .DESIGN file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Read more here.


  TREND MICRO PROTECTION INFORMATION

Trend Micro Deep Security shields the following vulnerabilities using the specified rules. Trend Micro customers using OfficeScan with the Intrusion Defense Firewall plugin are also protected from attacks using these vulnerabilities.

Microsoft Bulletin ID Vulnerability ID Rule Number & Title Deep Security Pattern Version Deep Security Pattern Release Date
MS12-017 CVE-2012-0006 1004951 - DNS Denial Of Service Vulnerability (CVE-2012-0006) 12-006 Mar 13, 2012
MS12-020 CVE-2012-0002 1004949 - Remote Desktop Protocol Vulnerability (CVE-2012-0002) 12-006 Mar 13, 2012
MS12-021 CVE-2012-0008 1004950 - Microsoft Visual Studio - New Add-In Created 12-006 Mar 13, 2012
MS12-022 CVE-2012-0016 1004946- Microsoft Expression Design Insecure Library Loading Vulnerability Over Network Share 12-006 Mar 13, 2012
MS12-012 CVE-2012-0016 1004947- Microsoft Expression Design Insecure Library Loading Vulnerability Over WebDAV 12-006 Mar 13, 2012

  OTHER INFORMATION