Patch Analysis for June 2012

Seven bulletins were released today, we recommend applying these patches after testing.

MS12-036 is a bulletin outlining vulnerability in Remote Desktop. If RDP is not enabled, the system is not vulnerable. However, the patch will still be offered for all systems and will be in place in case RDP is enabled in the future. If RDP is not being used, we recommend disabling it. That reduces the profile that can be targeted. If you are using RDP, then apply the patch for this critical issue soon. Microsoft indicates exploit code will be likely to be seen.
MS12-037 is a cumulative update for Internet Explorer. One of the thirteen vulnerabilities has been publicly disclosed, that is the Scrolling Events Information Disclosure Vulnerability.  Many of the vulnerabilities are rated critical.
Two vulnerabilities are addressed in MS12-042. The first, UMS memory corruption, only affects Intel x64-based versions of Windows 7 and Windows Server 2008 R2. The second, BIOS ROM corruption, which has been publicly disclosed also affects some versions of XP and Server 2003.
One of the four vulnerabilities in Lync (MS12-039) had also been publicly disclosed.
A .NET Framework vulnerability that involves improper execution of a function pointer could result in malicious remote code being executed (MS12-038)
A patch for vulnerability in Microsoft Dynamics AX Enterprise Portal (MS12-040) may require several updates due to the nature of the components being patched.
Finally, important updates are offered to fix 5 kernel mode driver vulnerabilities with bulletin MS12-041.

Patch Tuesday Coverage Made Possible By: Lumension:  IT Secured.  Success Optimized.™

Visit the Lumension Patch Tuesday Center

BulletinExploit Types
/Technologies Affected
System Types AffectedExploit
details public?
/ Being exploited?
Comprehensive,
practical
workaround
available?
MS severity ratingProducts AffectedNotesRandy's recommendation
MS12-036

2685939
Arbitrary code

/ Remote Desktop
Workstations
Servers
No/NoYesCritical XP
Win2003
Vista
Win2008
Windows 7
Win2008 R2
Restart Req'dPatch after testing
MS12-037

2699988
Arbitrary code

/ Internet Explorer
Workstations
Terminal Servers
Yes/NoNoCritical XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
Cumulative Update; Restart Req'dPatch after testing
MS12-038

2706726
Arbitrary code

/ .Net Framework
Workstations
Terminal Servers
Servers
No/NoNoCritical XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
.NET Framework componentPatch after testing
MS12-039

2707956
Arbitrary code

/ Lync
Workstations
Terminal Servers
Yes/NoNoImportant Lync 2010
Communicator 2007 R2
 Patch after testing
MS12-040

2709100
Privilege elevation

/ Dynamics AX
Workstations
Terminal Servers
No/NoNoImportant Dynamics AX 2012
 Patch after testing
MS12-041

2709162
Privilege elevation

/ Windows kernel mode drivers
Workstations
Terminal Servers
No/NoNoImportant XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
Restart Req'dPatch after testing
MS12-042

2711167
Privilege elevation

/ Windows
Workstations
Terminal Servers
Yes/NoNoImportant XP
Win2003
Windows 7
Win2008 R2
Restart Req'dPatch after testing

Receive Randy's same-day, independent analysis each Patch Tuesday

Email:
We will not share your address. Unsubscribe anytime. 

"Thank you. I am very glad I subscribed to this newsletter.  Relevant content clearly and concisely. Finally!!!"

- John K.

"I really like the Fast Facts on this Month's Microsoft Security Bulletins. Do you keep old copies? If yes, please let me know how I can access them?"

-Susan D.

"Thanks, Randy. Your regular updates have streamlined my monthly patching. Much appreciated,"

-  Steve T.

"Really appreciate your patch observor. In the corporate IT world, anything we can get our hands on that speeds the process of analyzing threats and how they may or may not apply to our environments is a God-send. Thanks so much for your efforts."

- Tess G.

"Many thanks for this Randy"

- Roger G.

"The chart is a REAAALLY good idea :)"

- Phil J.

"I like the table. Your insight is very valuable. "

Tom C.

"I liked your high level overview of patches in the table. There are so many sources of patch information which can be very specific or surrounded by other stuff that it’s refreshing to get everything summarised like this. The “Randy’s Recommendation” comment is useful starting point too. Please keep up the good work."

- David A.

"Your Patch Observer is a very good tool in making the decision whether to patch or not to patch. And also to patch asap or to wait a while before patching. Also I do think the use of the table is realy improving the readability of the provided information."

- Gerard T.

 

Additional Resources