September 24, 2020

Language:

CamSA12-04: Microsoft Update for Multiple Vulnerabilities for April 2012

I. Overview 

Microsoft has released the Microsoft Security Bulletin Summary for April 2012. The information include 4 critical and 2 importants patches.

This vulnerability can allow a remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

II. Effected System

– Windows Operating System and Components
– Microsoft Office Suites and Software
– Microsoft Server Software
– Microsoft Developer Tools and Software
– Microsoft Remote Access Software

III. Patches

– MS12-023 – Cumulative Security Update for Internet Explorer (2675157)

– MS12-024 – Vulnerability in Windows Could Allow Remote Code Execution (2653956)

– MS12-025 – Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605)

– MS12-027 – Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)

– MS12-026 – Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)

– MS12-028 – Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185)

IV. Solutions

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for April 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates.

V. Contact Information

– Email: office@camcert.gov.kh

– Tel: (855) 92 335 536 – (855) 16 888 209

[message_box title=”Disclaimer” color=”yellow”]

The information provided herein is on “as is” basis, without warranty of any kind.

[/message_box]

***Disclaimer: CamCERT own some of the content. Our purpose is pure to help spread the awareness, tips or other information related to security to everyone. Even though every information is true, accurate, completed and appropriate, we make no responsibility nor warranty since everything could go wrong.