First “Patch Tuesday” of 2012
In the first “Patch Tuesday” of 2012, Microsoft is releasing seven security bulletins to address software issues an attacker could use to remotely exploit and take control of infected Windows systems. Patch Tuesday occurs on the second Tuesday of each month and on that day Microsoft releases security patches to fix vulnerabilities found in their products.
The following table summarizes the security bulletins for this month in order of severity.
Bulletin ID | Maximum Severity Rating and Vulnerability Impact | Restart Requirement | Affected Software |
---|---|---|---|
Bulletin 1 | Critical Remote Code Execution |
Requires restart | Microsoft Windows |
Bulletin 2 | Important Security Feature Bypass |
Requires restart | Microsoft Windows |
Bulletin 3 | Important Remote Code Execution |
May require restart | Microsoft Windows |
Bulletin 4 | Important Elevation of Privilege |
Requires restart | Microsoft Windows |
Bulletin 5 | Important Remote Code Execution |
May require restart | Microsoft Windows |
Bulletin 6 | Important Information Disclosure |
Requires restart | Microsoft Windows |
Bulletin 7 | Important Information Disclosure |
May require restart | Microsoft Developer Tools and Software |
Table 1 – Table Summarizes the Security Bulletins
We are hoping this month’s patches with address the Browser Exploit Against SSL/TLS or the BEAST that seemed to have been canceled last month due a third-party vendor who reported compatibility issues with the patch
Updates for other security issues are available from the following locations:
- Security updates are available from Microsoft Download Center. You can find them most easily by doing a keyword search for “security update”.
- Updates for consumer platforms are available from Microsoft Update.
- You can obtain the security updates offered this month on Windows Update, from Download Center on Security and Critical Releases ISO CD Image files. For more information, see Microsoft Knowledge Base Article 913086.
If you are interested in learning more on how to improve security and optimize your IT infrastructure, and would like to participate with other IT Pros on security topics check out the IT Pro Security Community.
Also strengthening its software is Adobe, which on Jan. 10th released critical updates for Adobe Reader X and Adobe Acrobat X and Google, which recently released Chrome version 16.0.9212.75, fixing three high-priority bugs in the Web browser.
Leave a Reply
Want to join the discussion?Feel free to contribute!