|
|
|
|
| What is the purpose of this alert? |
|
| This alert is to provide you with an overview of the new security
bulletin(s) being released on January 10, 2012. Security bulletins are released
monthly to resolve critical problem vulnerabilities.
|
|
| NEW SECURITY BULLETINS |
|
|
|
|
| Microsoft is releasing the following seven new security bulletins for newly discovered vulnerabilities: | Bulletin ID | Bulletin ID | Maximum Severity Rating | Vulnerability Impact | Restart Requirement | Affected Software | MS12-001 | Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615) | Important | Security Feature Bypass | Requires restart |
Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
| MS12-002 | Vulnerability in Windows Object Packager Could Allow Remote Code Execution (2603381) | Important | Remote Code Execution | May require restart | Microsoft Windows XP and Windows Server 2003. | MS12-003 | Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2646524) | Important | Elevation of Privilege | Requires restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. | MS12-004 | Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391) | Critical | Remote Code Execution | Requires restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. | MS12-005 | Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2584146) | Important | Remote Code Execution | May requires restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. | MS12-006 | Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584) | Important | Information Disclosure | Requires restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. | MS12-007 | Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664) | Important | Information Disclosure | May requires restart | Microsoft Developer Tools and Software | | | |
|
| Note: The list of affected software in the summary table above is an abstract. To see the full list of affected
components please visit the bulletin summary webpage at the link below and review the "Affected
Software" section. |
|
|
|
|
| Summaries for new bulletin(s) may be found at http://technet.microsoft.com/security/bulletin/MS12-jan.
Update the month and also the URL inside the hyperlink and remove this note.
Microsoft Windows Malicious Software Removal Tool
Microsoft is releasing an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU), and the Download Center. Information on the Microsoft Windows Malicious Software Removal Tool is available at http://support.microsoft.com/?kbid=890830. High Priority Non-Security Updates
High priority non-security updates Microsoft releases to be available on Microsoft Update (MU), Windows Update (WU), or Windows Server Update Services (WSUS) will be detailed in the KB article found at http://support.microsoft.com/?id=894199. |
|
|
|
|
| PUBLIC BULLETIN WEBCAST |
|
|
|
|
|
Microsoft will host a webcast to address customer questions on these bulletins:
Title: : Information about Microsoft January Security Bulletins (Level 200)
Date: Wednesday, January 11, 2012, 11:00 A.M. Pacific Time (GMT-08:00)
URL: https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032499498
| Available link for download
| | | | |
No comments:
Post a Comment