September 19, 2020

Language:

CamSA12-01: Microsoft Update for Multiple Vulnerabilities for January 2012

 I. Overview 

Microsoft has released the Microsoft Security Bulletin Summary for January 2012. The information include 1 critical and 6 importants patches.

This vulnerability can allow a remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

II. Effected System

– Windows Operating System and Components
– Microsoft Developer Tools and Software

III. Patches

– MS12-004: Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391)

– MS12-001: Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615)

– MS12-002: Vulnerability in Windows Object Packager Could Allow Remote Code Execution (2603381)

– MS12-003: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2646524)

– MS12-005: Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2584146)

– MS12-006: Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)

– MS12-007: Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664

IV. Solution

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for January 2012. That bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).

V. Contact Information

– Email: office@camcert.gov.kh

– Tel: (855) 92 335 536 – (855) 16 888 209

[message_box title=”Disclaimer” color=”yellow”]

The information provided herein is on “as is” basis, without warranty of any kind.

[/message_box]

***Disclaimer: CamCERT own some of the content. Our purpose is pure to help spread the awareness, tips or other information related to security to everyone. Even though every information is true, accurate, completed and appropriate, we make no responsibility nor warranty since everything could go wrong.