February 2012- Microsoft Releases 9 Security Advisories
Severity: HIGH
Advisory Date: FEB 14, 2012
DESCRIPTION
Microsoft addresses the following vulnerabilities in its February batch of patches:
- (MS12-008) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465)
Risk Rating: Critical
This security update resolves a privately reported vulnerability and a publicly disclosed vulnerability in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if a user visits a website containing specially crafted content or if a specially crafted application is run locally. Read more here. - (MS12-009) Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege (2645640)
Risk Rating: Important
This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. Read more here. - (MS12-010) Cumulative Security Update for Internet Explorer (2647516)
Risk Rating: Critical
This security update resolves four privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted web page using Internet Explorer. Read more here. - (MS12-011) Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2663841)
Risk Rating: Important
This security update resolves three privately reported vulnerabilities in Microsoft SharePoint and Microsoft SharePoint Foundation. Read more here. - (MS12-012) Vulnerability in Color Control Panel Could Allow Remote Code Execution (2643719)
Risk Rating: Important
This security update resolves one publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .icm or .icc file) that is located in the same directory as a specially crafted dynamic link library (DLL) file. Read more here. - (MS12-013) Vulnerability in C Run-Time Library Could Allow Remote Code Execution (2654428)
Risk Rating: Critical
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted media file that is hosted on a website or sent as an email attachment. Read more here. - (MS12-014) Vulnerability in Indeo Codec Could Allow Remote Code Execution (2661637)
Risk Rating: Important
This security update resolves one publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .avi file) that is located in the same directory as a specially crafted dynamic link library (DLL) file. Read more here. - (MS12-015) Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2663510)
Risk Rating: Important
This security update resolves five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file.. Read more here. - (MS12-016) Vulnerabilities in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2651026)
Risk Rating: Critical
This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. Read more here.
TREND MICRO PROTECTION INFORMATION
Trend Micro Deep Security shields the following vulnerabilities using the specified rules. Trend Micro customers using OfficeScan with the Intrusion Defense Firewall plugin are also protected from attacks using these vulnerabilities.
| Microsoft Bulletin ID | Vulnerability ID | Rule Number & Title | Deep Security Pattern Version | Deep Security Pattern Release Date |
|---|---|---|---|---|
| MS12-008 | CVE-2011-5046 | 1004885 - Microsoft Windows win32k.sys Memory Corruption Vulnerability | 12-004 | Feb 14, 2012 |
| MS12-010 | CVE-2012-0011 | 1004923 - Html Layout Remote Code Execution Vulnerability (CVE-2012-0011) | 12-004 | Feb 14, 2012 |
| CVE-2012-0115 | 1004923 - Html Layout Remote Code Execution Vulnerability (CVE-2012-0011) | 12-004 | Feb 14, 2012 | |
| CVE-2011-0012 | 1004922- Html Layout Remote Code Execution Vulnerability (CVE-2012-0011) | 12-004 | Feb 14, 2012 | |
| MS12-011 | CVE-2012-0145 | 1000552- Generic Cross Site Scripting(XSS) Prevention | 12-004 | Feb 14, 2012 |
| CVE-2012-0144 | 1000552 - Generic Cross Site Scripting(XSS) Prevention | 12-004 | Feb 14, 2012 | |
| CVE-2012-0017 | 1000552 - Generic Cross Site Scripting(XSS) Prevention | 12-004 | Feb 14, 2012 | |
| MS12-012 | CVE-2012-5082 | 1004924- Color Control Panel Insecure Library Loading Vulnerability Over Network Share (CVE-2010-5082) | 12-004 | Feb 14, 2012 |
| CVE-2012-0007 | 1004925- Color Control Panel Insecure Library Loading Vulnerability Over WebDAV (CVE-2010-5082) | 12-004 | Feb 14, 2012 | |
| MS12-013 | CVE-2012-0150 | 1004928- Msvcrt.dll Buffer Overflow Vulnerability (CVE-2012-0150) | 12-004 | Feb 14, 2012 |
| MS12-014 | CVE-2012-3138 | 1004924- Indeo Codec Insecure Library Loading Vulnerability Over Network Share (CVE-2010-3138) | 12-004 | Feb 14, 2012 |
| CVE-2012-3138 | 1004927- Indeo Codec Insecure Library Loading Vulnerability Over WebDAV (CVE-2010-3138) | 12-004 | Feb 14, 2012 | |
| MS12-016 | CVE-2012-0015 | 1002795- Microsoft Windows Events | 12-004 | Feb 14, 2012 |
