May 2012 - Microsoft Releases 7 Security Advisories
Severity: HIGH
Advisory Date: MAY 08, 2012
DESCRIPTION
Microsoft addresses the following vulnerabilities in its May batch of patches:
- (MS12-029) Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352)
Risk Rating: Critical
A vulnerability exists in the way affected versions of MS Office parse RTF data. An attacker could send a target a specially crafted RTF file to exploit this vulnerability. More information is found here. - (MS12-030) Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2663830)
Risk Rating: Important
This security update resolves a vulnerability found in the Windows Authenticode Signature Verification. The vulnerability exists in the way the said function verifies portable executable (PE) files. Read more here. - (MS12-031) Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2597981)
Risk Rating: Important
A vulnerability in the way MS Visio handles specially crafted files could allow an attacker to take control of the vulnerable system. Logged on users that have lesser privileges on the affected system are less impacted by the effects of this vulnerability. Read more here. - (MS12-032) Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338)
Risk Rating: Important
This update resolves the two vulnerabilities in affected Windows versions. When exploited, the more critical of these vulnerabilities could allow an attacker to elevate his privileges on the affected computer. More information can be found here. - (MS12-033) Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege (2690533)
Risk Rating: Important
A vulnerability in the way Windows Partition Manager handles device relation requests could allow an attacker to run code on an affected system. When successfully exploited, the attacker can run programs or change data. Read more here. - (MS12-034) Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578)
Risk Rating: Critical
This bulletin addresses a number of vulnerabilities reported for the Windows, MS Office, .NET Framework, and Silverlight. It replaces several earlier bulleltins issued for some vulnerabilities. Read more here. - (MS12-035) Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777)
Risk Rating: Critical
This update resolves vulnerabilities in some versions of the .NET Framework. When a vulnerable system accesses a specially crafted webpage via browser that runs XAML Browser Applications (XBAPs), the system may be exploited by an attacker to execute code remotely. Read more here.
TREND MICRO PROTECTION INFORMATION
Trend Micro Deep Security shields the following vulnerabilities using the specified rules. Trend Micro customers using OfficeScan with the Intrusion Defense Firewall plugin are also protected from attacks using these vulnerabilities.
| Microsoft Bulletin ID | Vulnerability ID | Rule Number & Title | Deep Security Pattern Version | Deep Security Pattern Release Date |
|---|---|---|---|---|
| MS12-029 | CVE-2012-0183 | 1005004 - RTF Mismatch Vulnerability (CVE-2012-0183) | 12-012 | May 8, 2012 |
| MS12-030 | CVE-2012-0141 | 1005011 - Excel File Format Memory Corruption Vulnerability (CVE-2012-0141) | 12-012 | May 8, 2012 |
| CVE-2012-0142 | 1005002 - Excel File Format Memory Corruption In OBJECTLINK Record Vulnerability (CVE-2012-0142) | 12-012 | May 8, 2012 | |
| CVE-2012-0143 | 1005007 - Excel Memory Corruption Using Various Modified Bytes Vulnerability (CVE-2012-0143) | 12-013 | May 11, 2012 | |
| CVE-2012-0185 | 1005010 - Excel MergeCells Record Heap Overflow Vulnerability (CVE-2012-0185) | 12-013 | May 11, 2012 | |
| CVE-2012-1847 | 1005018 - Excel Series Record Parsing Type Mismatch Could Result in Remote Code Execution Vulnerability (CVE-2012-1847) | 12-013 | May 11, 2012 | |
| CVE-2012-0184 | 1005005 - Microsoft Excel SXLI Record Memory Corruption Vulnerability (CVE-2012-0184) | 12-012 | May 8, 2012 | |
| MS12-031 | CVE-2012-0018 | 1005026 - Microsoft Visio Viewer VSD File Format Remote Code Execution Vulnerability (CVE-2012-0018) | 12-014 | May 22, 2012 |
| MS12-034 | CVE-2012-0159 | 1005009 - Win23k TrueType Font Parsing Vulnerability (CVE-2012-0159) | 12-012 | May 8, 2012 |
| CVE-2012-0162 | 1005009 - .NET Framework Buffer Allocation Vulnerability (CVE-2012-0162) | 12-012 | May 8, 2012 | |
| MS12-035 | CVE-2012-0160 | 1005003 - Microsoft .NET Framework Parameter Validation Vulnerability-2 (CVE-2012-0160) | 12-012 | May 8, 2012 |
| CVE-2012-0161 | 1005006 - .NET Framework Serialization Vulnerability (CVE-2012-0161) | 12-012 | May 8, 2012 | |
| CVE-2012-0167 | 1005015 - Microsoft GDI Heap Overflow Vulnerability (CVE-2012-0167) | 12-013 | May11, 2012 | |
| CVE-2012-0165 | 1005016 - Microsoft GDI Record Type Vulnerability (CVE-2012-0165) | 12-013 | May 11, 2012 | |
| CVE-2012-0165 | 1005014 - Restrict Microsoft Office File With Embedded EMF | 12-013 | May 11, 2012 |
SOLUTION
Featured Stories
The Mirage of AI Programming: Hallucinations and Code IntegrityThe adoption of large language models (LLMs) and Generative Pre-trained Transformers (GPTs), such as ChatGPT, by leading firms like Microsoft, Nuance, Mix and Google CCAI Insights, drives the industry towards a series of transformative changes. As the use of these new technologies becomes prevalent, it is important to understand their key behavior, advantages, and the risks they present.Read more
Open RAN: Attack of the xAppsThis article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handlingRead more
A Closer Exploration of Residential Proxies and CAPTCHA-Breaking ServicesThis article, the final part of a two-part series, focuses on the details of our technical findings and analyses of select residential proxies and CAPTCHA-solving services.Read more
How Residential Proxies and CAPTCHA-Solving Services Become Agents of AbuseThis article, the first of a two-part series, provides insights on how abusers and cybercriminals use residential proxies and CAPTCHA-solving services to enable bots, scrapers, and stuffers, and proposes security countermeasures for organizations.Read more