Active Members Fi8sVrs Posted January 12, 2012 Active Members Report Posted January 12, 2012 This month’s patch batch contains 7 new Microsoft Security Bulletins.MS12-001Windows Kernel SafeSEH Bypass VulnerabilityMS12-001 Introduces a new “Security Impact” type to the Microsoft Bulletins, “Security Feature Bypass”. This issue is a bypass of the SafeSEH setting on software compiled with Microsoft Visual C++ .NET 2003. In order to make use of it, there must also be a vulnerability in your compiled software. The bypass exists within Windows, and compiled software will not need to be recompiled.MS12-002Object Packager Insecure Executable Launching VulnerabilityMS12-002 Similar to the DLL preloading attack, except with Executables rather than DLLs, which means SafeDllSearchMode cannot help mitigate this issue. The issue applies to Microsoft Publisher (.PUB) files, where an attacker could place a malicious file in the same directory as a .PUB file.MS12-003CSRSS Elevation of Privilege VulnerabilityMS12-003 Affects the Windows Client Server Runtime Subsystem (CSRSS) on double-byte (Unicode) locale (such as Chinese, Japanese, or Korean system locales). Keep in mind that the locale on any system can be changed, so this patch should be applied regardless of the current locale.MS12-004DirectShow Remote Code Execution VulnerabilityMS12-004 This patch contains two fixes for all except Windows 7 systems. One for DirectShow.MIDI Remote Code Execution VulnerabilityOne for the Windows Multimedia Library. This is the only critical patch for the month, providing a potential drive-by vector related to MIDI files.MS12-005Assembly Execution VulnerabilityMS12-005 This patch fixes an issue related to malicious EXEs deployed as a ClickOnce application and embedded within Office Documents.MS12-006SSL and TLS Protocols VulnerabilityMS12-006 This patch fixes the well known “BEAST” vulnerability. Apply this patch as soon as possible.MS12-007AntiXSS Library Bypass VulnerabilityMS12-007 This patch resolves a bypass in the Microsoft AntiXSS Library similar to MS12-001. Although this should be in the new “Security Feature Bypass” category, the impact is considered Information Disclosure. Again when combined with a flaw in the website that lies behind the AntiXSS library, this vulnerability could be dangerous.As always, these patches should be tested and implemented as quickly as possible.VIA: https://kohi10.wordpress.com/2012/01/10/january-2012-microsoft-patches/ Quote
