First “Patch Tuesday” of 2012

In the first “Patch Tuesday” of 2012, Microsoft is releasing seven security bulletins to address software issues an attacker could use to remotely exploit and take control of infected Windows systems.  Patch Tuesday occurs on the second Tuesday of each month and on that day Microsoft releases security patches to fix vulnerabilities found in their products.

The following table summarizes the security bulletins for this month in order of severity.

Bulletin ID Maximum Severity Rating and Vulnerability Impact Restart Requirement Affected Software
Bulletin 1 Critical
Remote Code Execution
Requires restart Microsoft Windows
Bulletin 2 Important
Security Feature Bypass
Requires restart Microsoft Windows
Bulletin 3 Important
Remote Code Execution
May require restart Microsoft Windows
Bulletin 4 Important
Elevation of Privilege
Requires restart Microsoft Windows
Bulletin 5 Important
Remote Code Execution
May require restart Microsoft Windows
Bulletin 6 Important
Information Disclosure
Requires restart Microsoft Windows
Bulletin 7 Important
Information Disclosure
May require restart Microsoft Developer Tools and Software

Table 1 – Table Summarizes the Security Bulletins

We are hoping this month’s patches with address the Browser Exploit Against SSL/TLS or the BEAST that seemed to have been canceled last month due a third-party vendor who reported compatibility issues with the patch

Updates for other security issues are available from the following locations:

  • Security updates are available from Microsoft Download Center. You can find them most easily by doing a keyword search for “security update”.
  • Updates for consumer platforms are available from Microsoft Update.
  • You can obtain the security updates offered this month on Windows Update, from Download Center on Security and Critical Releases ISO CD Image files. For more information, see Microsoft Knowledge Base Article 913086.

If you are interested in learning more on how to improve security and optimize your IT infrastructure, and  would like to participate with other IT Pros on security topics check out the IT Pro Security Community.

Also strengthening its software is Adobe, which on Jan. 10th released critical updates for Adobe Reader X and Adobe Acrobat X and Google, which recently released Chrome version 16.0.9212.75, fixing three high-priority bugs in the Web browser.



Be the first to comment

Leave a Reply

Your email address will not be published.


This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: