Severity: : High
  Advisory Date: 14 de lutego de 2012

  DESCRIPTION

Microsoft addresses the following vulnerabilities in its February batch of patches:

  • (MS12-008) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465)
    Risk Rating: Critical

    This security update resolves a privately reported vulnerability and a publicly disclosed vulnerability in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if a user visits a website containing specially crafted content or if a specially crafted application is run locally. Read more here.


  • (MS12-009) Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege (2645640)
    Risk Rating: Important

    This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. Read more here.


  • (MS12-010) Cumulative Security Update for Internet Explorer (2647516)
    Risk Rating: Critical

    This security update resolves four privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted web page using Internet Explorer. Read more here.


  • (MS12-011) Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2663841)
    Risk Rating: Important

    This security update resolves three privately reported vulnerabilities in Microsoft SharePoint and Microsoft SharePoint Foundation. Read more here.


  • (MS12-012) Vulnerability in Color Control Panel Could Allow Remote Code Execution (2643719)
    Risk Rating: Important

    This security update resolves one publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .icm or .icc file) that is located in the same directory as a specially crafted dynamic link library (DLL) file. Read more here.


  • (MS12-013) Vulnerability in C Run-Time Library Could Allow Remote Code Execution (2654428)
    Risk Rating: Critical

    This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted media file that is hosted on a website or sent as an email attachment. Read more here.


  • (MS12-014) Vulnerability in Indeo Codec Could Allow Remote Code Execution (2661637)
    Risk Rating: Important

    This security update resolves one publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .avi file) that is located in the same directory as a specially crafted dynamic link library (DLL) file. Read more here.


  • (MS12-015) Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2663510)
    Risk Rating: Important

    This security update resolves five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file.. Read more here.


  • (MS12-016) Vulnerabilities in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2651026)
    Risk Rating: Critical

    This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. Read more here.


  INFORMATION EXPOSURE

Trend Micro Deep Security shields the following vulnerabilities using the specified rules. Trend Micro customers using OfficeScan with the Intrusion Defense Firewall plugin are also protected from attacks using these vulnerabilities.

Microsoft Bulletin ID Vulnerability ID Rule Number & Title Deep Security Pattern Version Deep Security Pattern Release Date
MS12-008 CVE-2011-5046 1004885 - Microsoft Windows win32k.sys Memory Corruption Vulnerability 12-004 Feb 14, 2012
MS12-010 CVE-2012-0011 1004923 - Html Layout Remote Code Execution Vulnerability (CVE-2012-0011) 12-004 Feb 14, 2012

CVE-2012-0115 1004923 - Html Layout Remote Code Execution Vulnerability (CVE-2012-0011) 12-004 Feb 14, 2012

CVE-2011-0012 1004922- Html Layout Remote Code Execution Vulnerability (CVE-2012-0011) 12-004 Feb 14, 2012
MS12-011 CVE-2012-0145 1000552- Generic Cross Site Scripting(XSS) Prevention 12-004 Feb 14, 2012

CVE-2012-0144 1000552 - Generic Cross Site Scripting(XSS) Prevention 12-004 Feb 14, 2012

CVE-2012-0017 1000552 - Generic Cross Site Scripting(XSS) Prevention 12-004 Feb 14, 2012
MS12-012 CVE-2012-5082 1004924- Color Control Panel Insecure Library Loading Vulnerability Over Network Share (CVE-2010-5082) 12-004 Feb 14, 2012

CVE-2012-0007 1004925- Color Control Panel Insecure Library Loading Vulnerability Over WebDAV (CVE-2010-5082) 12-004 Feb 14, 2012
MS12-013 CVE-2012-0150 1004928- Msvcrt.dll Buffer Overflow Vulnerability (CVE-2012-0150) 12-004 Feb 14, 2012
MS12-014 CVE-2012-3138 1004924- Indeo Codec Insecure Library Loading Vulnerability Over Network Share (CVE-2010-3138) 12-004 Feb 14, 2012

CVE-2012-3138 1004927- Indeo Codec Insecure Library Loading Vulnerability Over WebDAV (CVE-2010-3138) 12-004 Feb 14, 2012
MS12-016 CVE-2012-0015 1002795- Microsoft Windows Events 12-004 Feb 14, 2012

  OtherInformation