April 2012 Microsoft Patch Tuesday Summary
Welcome to another edition of patch Tuesday summary blog. Last month’s patch Tuesday involved patching 7 vulnerabilities over 6 bulletins, while this month we are patching 11 new vulnerabilities over 6 bulletins.
Here is a list of the vulnerabilities fixed in today’s patches:
MS12-023 - Cumulative Security Update for Internet Explorer
- CVE-2012-0168 - Print Feature Remote Code Execution Vulnerability
- CVE-2012-0169 - JScript9 Remote Code Execution Vulnerability
- CVE-2012-0170 - OnReadyStateChange Remote Code Execution Vulnerability
- CVE-2012-0171 - SelectAll Remote Code Execution Vulnerability
- CVE-2012-0172 - VML Remote Code Execution Vulnerability
MS12-024 - Vulnerability in Windows Could Allow Remote Code Execution
- CVE-2012-0151 - WinVerifyTrust Signature Validation Vulnerability
MS12-025 - Vulnerabilities in .NET Framework Could Allow Remote Code Execution
- CVE-2012-0163 - .NET Framework Parameter Validation Vulnerability
MS12-026 - Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure
- CVE-2012-0146 - Unfiltered Access to UAG Default Website Vulnerability
- CVE-2012-0147 - UAG Blind HTTP Redirect Vulnerability
MS12-027 - Vulnerability in MSCOMCTL.OCX Could Allow Remote Code Execution
- CVE-2012-0158 - MSCOMCTL.OCX RCE Vulnerability
MS12-028 - Vulnerability in Microsoft Office Could Allow for Remote Code Execution
- CVE-2012-0177 - Office WPS Converter Heap Overflow Vulnerability
As shown in the chart above, in April the number of vulnerabilities patched has increased slightly from the prior month. Remember to always be cautious when following links to other sites, as well as opening documents and email attachments, especially when the origin of the documents is unknown. As we do every month, we’ve released a signature update to address the vulnerabilities fixed in today’s patches. Happy patching!
For additional information on how you can protect your network from emerging threats, please visit http://www.juniper.net/us/en/products-services/sec
Discussing a wide range of topics impacting enterprises and data center security.
Subscribe to Security & Mobility Now
-
ahamdad@cfao.co
m on: Best Practises in Authentica tion with Junos Pulse ... - scottdware on: When (and where) to use SSL VPN: Security, Portabi...
- on: Bitcoin DDoS Attack: 6 Steps to Turn a Profit
-
on:
It’s Not Size, But Sophistica
tion That Matters -
on:
SDN is great, (Secure)SD
N is better ! -
on:
Collective Defense Requires Greater Informatio
n Sh... -
on:
Deconstruc
ting Web Attack Trends in 2012 -
Ashwin Krishnan (Ashwin)
on:
A thermostat can be smart but how secure can it be...
-
Kyle Adams (KyleAdams)
on:
What does Super Mario’s Bowser have to do with web...
-
on:
The Truth about Virtualiza
tion Security
