Patch Tuesday: January, 2012: One critical update - especially for workstations

Seven bulletins were released today, one of them rated critical.

The one bulletin that contains critical updates is MS12-004, affecting Windows Media. It addresses 2 vulnerabilities, and Microsoft indicates exploit code is likely. Accelerated testing and deployment is recommended.

The information disclosure vulnerability addressed by MS12-006 has been publicly disclosed; however, Microsoft indicates exploit code is unlikely. Most users expect HTTPS sessions to be securely encrypted.

For this month's newsletter we had to add another exploit type to our list: "Security feature bypass". Only software applications that were compiled using Microsoft Visual C++ .NET 2003 can be used to exploit this vulnerability. As a workaround, Microsoft suggests recompiling the affected software with a newer version of the compiler. This will be useful for admins who carefully control what software is allowed to be installed. SEHOP can also be enabled as a workaround.
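The SEHOP workaround mentioned above can be audited and applied from an elevated PowerShell session. The script below is an added example written for this page, not code from the newsletter or from Microsoft; the function names Get-SehopState and Enable-Sehop are made up here, and it assumes a host running Vista SP1, Windows 7, Server 2008 or Server 2008 R2, the versions on which the kernel honours the DisableExceptionChainValidation value (XP and Server 2003 do not support SEHOP).

```powershell
# Added example (not part of the original newsletter): audit and enable SEHOP,
# the MS12-001 workaround, via the documented kernel registry value.
# Assumes an elevated session on Vista SP1 / Windows 7 / Server 2008 / Server 2008 R2.
$keyPath   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\kernel'
$valueName = 'DisableExceptionChainValidation'

function Get-SehopState {
    # Returns Enabled, Disabled, or NotConfigured (value absent).
    $item = Get-ItemProperty -Path $keyPath -Name $valueName -ErrorAction SilentlyContinue
    if ($null -eq $item) {
        # When the value is absent, client SKUs (Vista SP1, Windows 7) default SEHOP to off
        # and server SKUs (Server 2008, 2008 R2) default it to on.
        return 'NotConfigured'
    }
    if ($item.$valueName -eq 0) { return 'Enabled' } else { return 'Disabled' }
}

function Enable-Sehop {
    # 0 = exception chain validation (SEHOP) on; 1 = off. A restart is required to take effect.
    New-ItemProperty -Path $keyPath -Name $valueName -PropertyType DWord -Value 0 -Force | Out-Null
}

$before = Get-SehopState
Write-Output "SEHOP before: $before"
if ($before -ne 'Enabled') {
    Enable-Sehop
    Write-Output "SEHOP after:  $(Get-SehopState) (restart required)"
}
```

Run the audit half alone (Get-SehopState) across a fleet before changing anything; a 'NotConfigured' result on a server SKU already means SEHOP is on, while on a workstation SKU it means the MS12-001 workaround is not in place until the value is set and the machine restarted.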

MS12-002 addresses a vulnerability in Windows Object Packager that could allow arbitrary code execution. The workaround, which consists of issuing a warning to the user, is not 100% effective, since the user would have to know what to do.

Only systems with the locale set to Chinese, Japanese or Korean are affected by an exploit of the vulnerability in MS12-003. However, all systems will be offered the patch to provide defense in depth.

The vulnerability described in MS12-005 allows attackers to embed ClickOnce application installers into Microsoft Office documents and execute code without user interaction. ClickOnce may be used by software vendors to update their software without user intervention.

MS12-007 addresses a vulnerability in the Anti-Cross Site Scripting (AntiXSS) Library. Developers using this library should upgrade it and then redeploy the web sites that use it.

An out-of-band bulletin affecting ASP.NET was released on 12/29/2011.


| Bulletin (KB) | Exploit Type / Technology Affected | System Types Affected | Exploit details public? / Being exploited? | Comprehensive, practical workaround available? | MS severity rating | Products Affected | Notes | Randy's recommendation |
|---|---|---|---|---|---|---|---|---|
| MS12-005 (2584146) | Arbitrary code / Windows | Workstations, Terminal Servers | No / No | Yes | Important | XP, Server 2003, Server 2008, Server 2008 R2, Windows 7 | | Patch after testing |
| MS12-002 (2603381) | Arbitrary code / Windows | Workstations | No / No | No | Important | XP, Server 2003 | | Patch after testing |
| MS12-007 (2607664) | Information disclosure / Anti-XSS | Web Servers | No / No | No | Important | AntiXSS Library | | Patch after testing |
| MS12-004 (2636391) | Arbitrary code / Windows Media Player | Workstations, Servers | No / No | Yes | Critical | XP, Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7, Media Center TV Pack | Restart Req'd | Patch after minimal testing |
| MS12-006 (2643584) | Information disclosure / Windows | Workstations, Terminal Servers | Yes / No | No | Important | XP, Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7 | Restart Req'd | Patch after testing |
| MS12-001 (2644615) | Security feature bypass / Windows | Workstations, Servers | No / No | Yes | Important | XP, Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7 | Restart Req'd | Patch after testing |
| MS12-003 (2646524) | Privilege elevation / Windows | Workstations, Terminal Servers | No / No | No | Important | XP, Vista, Server 2003, Server 2008 | Restart Req'd | Patch after testing |