Microsoft Security Bulletins For March 2012 Released - gHacks Tech News

Microsoft Security Bulletins For March 2012 Released

Microsoft has made available the security patches for March 2012. The patches are already being distributed via Windows Update, but at the time of writing not at Microsoft's Download Center. A total of six security bulletins have been released, of which one has received the highest severity rating of critical. Four of the remaining updates received a severity rating of important, and one a moderate rating.

The bulletins address vulnerabilities and issues in Microsoft Windows operating systems, Visual Studio and Expression Design. Microsoft recommends that company and end-users focus on deploying the patches for the critical vulnerability first, before they move on to the important and moderate issues.

Take a look at the Bulletin Deployment Priority chart, and the Severity and Explotability Index below (via the MSRC blog)

bulletin deployment priority march 2012

severity and explotability index march 2012

Bulletins

Here are the executive summaries for the bulletins, and links that point to each bulletin's page on the Microsoft website.

  • MS12-020 - Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387) - This security update resolves two privately reported vulnerabilities in the Remote Desktop Protocol. The more severe of these vulnerabilities could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.
  • MS12-017 - Vulnerability in DNS Server Could Allow Denial of Service (2647170) - This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a remote unauthenticated attacker sends a specially crafted DNS query to the target DNS server.
  • MS12-018 - Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2641653) - This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
  • MS12-021 - Vulnerability in Visual Studio Could Allow Elevation of Privilege (2651019) - This security update resolves one privately reported vulnerability in Visual Studio. The vulnerability could allow elevation of privilege if an attacker places a specially crafted add-in in the path used by Visual Studio and convinces a user with higher privileges to start Visual Studio. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.
  • MS12-022 - Vulnerability in Expression Design Could Allow Remote Code Execution (2651018) - This security update resolves one privately reported vulnerability in Microsoft Expression Design. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .xpr or .DESIGN file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Microsoft Expression Design could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .xpr or .DESIGN file) from this location that is then loaded by a vulnerable application.
  • MS12-019 - Vulnerability in DirectWrite Could Allow Denial of Service (2665364) - This security update resolves a publicly disclosed vulnerability in Windows DirectWrite. In an Instant Messager-based attack scenario, the vulnerability could allow denial of service if an attacker sends a specially crafted sequence of Unicode characters directly to an Instant Messenger client. The target application could become unresponsive when DirectWrite renders the specially crafted sequence of Unicode characters.

You may need to run a manual update check in Windows Updates for the system to detect the updates right away.

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

  1. Paul(us) said on March 14, 2012 at 1:51 am
    Reply

    Thanks again Martin for this month summary from the march 2012.
    I also again wont to mention that the possibility to blow up the pictures is great. Like every month I am surprised about the sheer endless amount of fixes.

  2. ilev said on March 14, 2012 at 9:37 am
    Reply

    Thx.

    Where are those IE6,7,8,9,10 patches to fix the hacked IE in the last pwn2own on Windows XP-Windows 8 ?

    Google has fixed Chrome just in 2 days.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.