Microsoft Security Bulletin: March 2012 Release
This month we have 6 new security bulletins and 1 new security advisory that you need to apply in your environments. Please see all the details below.
What is the purpose of this alert?
This alert is to provide you with an overview of the new security bulletin(s) being released on March 13, 2012. Security bulletins are released monthly to resolve critical problem vulnerabilities.
New Security Bulletins
Microsoft is releasing the following six new security bulletins for newly discovered vulnerabilities:
Bulletin ID |
Bulletin Title |
Max Severity Rating |
Vulnerability Impact |
Restart Requirement |
Affected Software |
Vulnerability in DNS Server Could Allow Denial of Service (2647170) |
Important |
Denial of Service |
Requires restart |
Microsoft Windows Server 2003, Windows Server 2008 (except Itanium-based systems), and Windows Server 2008 R2 (except Itanium-based systems). |
|
Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2641653) |
Important |
Elevation of Privilege |
Requires restart |
Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
|
Vulnerability in DirectWrite Could Allow Denial of Service (2665364) |
Moderate |
Denial of Service |
May require restart |
Microsoft Windows Vista, Windows Server 2008 (except Itanium-based systems), Windows 7, and Windows Server 2008 R2. |
|
Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387) |
Critical |
Remote Code Execution |
Requires restart |
Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
|
Vulnerability in Visual Studio Could Allow Elevation of Privilege (2651019) |
Important |
Elevation of Privilege |
May require restart |
Microsoft Visual Studio 2008 and Visual Studio 2010. |
|
Vulnerability in Expression Design Could Allow Remote Code Execution (2651018) |
Important |
Remote Code Execution |
May require restart |
Microsoft Expression Design, Expression Design 2, Expression Design 3, and Expression Design 4. |
Summaries for new bulletin(s) may be found at https://technet.microsoft.com/security/bulletin/MS12-mar.
Microsoft Windows Malicious Software Removal Tool
Microsoft is releasing an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU), and the Download Center. Information on the Microsoft Windows Malicious Software Removal Tool is available at https://support.microsoft.com/?kbid=890830.
High Priority Non-Security Updates
High priority non-security updates Microsoft releases to be available on Microsoft Update (MU), Windows Update (WU), or Windows Server Update Services (WSUS) will be detailed in the KB article found at https://support.microsoft.com/?id=894199.
New Security Advisory
Security Advisory 2647518 |
Update Rollup for ActiveX Kill Bits |
Affected Software |
• Microsoft Windows XP • Windows Server 2003 • Windows Vista • Windows Server 2008 • Windows 7 • Windows Server 2008 R2 |
Executive Summary |
• With this advisory, Microsoft is releasing an update rollup of ActiveX kill bits that contains new kill bits and all kill bits previously released. • This update sets the kill bits for the following third-party software: o Biostat SamplePower (IBM) o Blueberry Software Flashback Component (IBM) o HP Photo Creative (HP) |
More Information |
Jeffa
Technorati Tags: Security Bulletins,Updates,Patching