March 2012- Microsoft Releases 6 Security Advisories
Severity: HIGH
Advisory Date: MAR 13, 2012
DESCRIPTION
Microsoft addresses the following vulnerabilities in its March batch of patches:
- (MS12-017) Vulnerability in DNS Server Could Allow Denial of Service (2647170)
Risk Rating: Important
This update resolves a privately reported vulnerability in Microsoft Windows that could allow denial of service if a remote unauthenticated attacker sends a specially crafted DNS query to the target DNS server. Read more here. - (MS12-018) Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2641653)
Risk Rating: Important
This update resolves a privately reported vulnerability in Microsoft Windows that could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. Read more here. - (MS12-019) Vulnerability in DirectWrite Could Allow Denial of Service (2665364)
Risk Rating: Medium
This update resolves a publicly disclosed vulnerability in Windows DirectWrite. In an Instant Messenger-based attack scenario, the vulnerability could allow denial of service if an attacker sends a specially crafted sequence of Unicode characters directly to an Instant Messenger client. Read more here. - (MS12-020) Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)
Risk Rating: Critical
This security update resolves two privately reported vulnerabilities in the Remote Desktop Protocol. The more severe of these vulnerabilities could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. Read more here. - (MS12-021) Vulnerability in Visual Studio Could Allow Elevation of Privilege (2651019)
Risk Rating: Important
This security update resolves one privately reported vulnerability in Visual Studio. The vulnerability could allow elevation of privilege if an attacker places a specially crafted add-in in the path used by Visual Studio and convinces a user with higher privileges to start Visual Studio. Read more here. - (MS12-022) Vulnerability in Expression Design Could Allow Remote Code Execution (2651018)
Risk Rating: Important
This security update resolves one privately reported vulnerability in Microsoft Expression Design. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .xpr or .DESIGN file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Read more here.
TREND MICRO PROTECTION INFORMATION
Trend Micro Deep Security shields the following vulnerabilities using the specified rules. Trend Micro customers using OfficeScan with the Intrusion Defense Firewall plugin are also protected from attacks using these vulnerabilities.
Microsoft Bulletin ID | Vulnerability ID | Rule Number & Title | Deep Security Pattern Version | Deep Security Pattern Release Date |
---|---|---|---|---|
MS12-017 | CVE-2012-0006 | 1004951 - DNS Denial Of Service Vulnerability (CVE-2012-0006) | 12-006 | Mar 13, 2012 |
MS12-020 | CVE-2012-0002 | 1004949 - Remote Desktop Protocol Vulnerability (CVE-2012-0002) | 12-006 | Mar 13, 2012 |
MS12-021 | CVE-2012-0008 | 1004950 - Microsoft Visual Studio - New Add-In Created | 12-006 | Mar 13, 2012 |
MS12-022 | CVE-2012-0016 | 1004946- Microsoft Expression Design Insecure Library Loading Vulnerability Over Network Share | 12-006 | Mar 13, 2012 |
MS12-012 | CVE-2012-0016 | 1004947- Microsoft Expression Design Insecure Library Loading Vulnerability Over WebDAV | 12-006 | Mar 13, 2012 |