Blog

Home > Microsoft Security > May Microsoft Security Bulletin 2012

May Microsoft Security Bulletin 2012

Contents

Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Critical Remote Code ExecutionRequires restartMicrosoft Windows MS12-082 Vulnerability in DirectPlay Could Allow Remote Code Execution (2770660)   This security update resolves a privately reported vulnerability in Microsoft Windows. Microsoft is hosting a webcast to address customer questions on these bulletins on June 13, 2012, at 11:00 AM Pacific Time (US & Canada). http://getbetabox.com/microsoft-security/microsoft-security-bulletin-2012.html

Security software providers can then use this vulnerability information to provide updated protections to customers via their security software or devices, such as antivirus, network-based intrusion detection systems, or host-based intrusion Microsoft Security Bulletin Summary for May 2015 Published: May 12, 2015 | Updated: October 13, 2015 Version: 2.0 On this page Executive Summaries Exploitability Index Affected Software Detection and Deployment Tools The automated vulnerability assessment in Configuration Manager 2007 discovers needs for updates and reports on recommended actions. Some security updates require administrative rights following a restart of the system. https://technet.microsoft.com/en-us/library/security/ms12-may.aspx

Microsoft Patch Tuesday June 2016

Displays all new, revised, and rereleased updates for Microsoft products other than Microsoft Windows. Security updates are also available at the Microsoft Download Center. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.

For more information about MBSA, visit Microsoft Baseline Security Analyzer. Microsoft Security Bulletin Summary for July 2016 Published: July 12, 2016 | Updated: July 29, 2016 Version: 1.1 On this page Executive Summaries Exploitability Index Affected Software Detection and Deployment Tools Microsoft Security Bulletin Summary for November 2012 Published: November 13, 2012 | Updated: November 14, 2012 Version: 2.0 This bulletin summary lists security bulletins released for November2012. Microsoft Security Patches June 2016 The vulnerability could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system.

For more information about what these ratings mean, and how they are determined, please see Microsoft Exploitability Index. Microsoft Security Bulletin June 2016 Microsoft Active Protections Program (MAPP) To improve security protections for customers, Microsoft provides vulnerability information to major security software providers in advance of each monthly security update release. Use this table to learn about the likelihood of code execution and denial of service exploits within 30 days of security bulletin release, for each of the security updates that you https://technet.microsoft.com/en-us/library/security/ms16-may.aspx Not applicable Not applicable Not applicable MS16-065: Security Update for .NET Framework (3156757) CVE-2016-0149 TLS/SSL Information Disclosure Vulnerability 3 - Exploitation Unlikely 3 - Exploitation Unlikely Not applicable MS16-066: Security Update

To determine whether active protections are available from security software providers, please visit the active protections websites provided by program partners, listed in Microsoft Active Protections Program (MAPP) Partners. Ms16-060: Security Update For Windows Kernel (3154846) An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Use these tables to learn about the security updates that you may need to install. Some security updates require administrative rights following a restart of the system.

Microsoft Security Bulletin June 2016

After you install any of the security updates that are included in MS16-065 on a Front End or Standard Edition server for Lync Server 2010, Lync Server 2013, or Skype for Note You may have to install several security updates for a single vulnerability. Microsoft Patch Tuesday June 2016 Note s for MS12-04 6 See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. Microsoft Security Bulletin July 2016 Critical Remote Code ExecutionMay require restartMicrosoft Windows,Microsoft Office,Microsoft Developer Tools,Microsoft Server Software MS12-044 Cumulative Security Update for Internet Explorer (2719177) This security update resolves two privately reported vulnerabilities in Internet Explorer.

Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. http://getbetabox.com/microsoft-security/microsoft-security-bulletin-ms06-070.html Updates are also available for Microsoft .NET Framework 4.6 RC, which are available via the Microsoft Download Center only.  Note for MS15-043, MS15-044, and MS15-045 Windows Technical Preview and Windows Server Manage Your Profile | Flash Newsletter | Contact Us | Privacy Statement | Terms of Use | Trademarks | © 2016 Microsoft © 2016 Microsoft

Microsoft Baseline Security Analyzer The Microsoft Baseline Security Analyzer (MBSA) allows administrators to scan local and remote systems for missing security updates as well as common security misconfigurations. This documentation is archived and is not being maintained. Please see the section, Other Information. http://getbetabox.com/microsoft-security/september-microsoft-security-bulletin-2012.html In an Instant Messager-based attack scenario, the vulnerability could allow denial of service if an attacker sends a specially crafted sequence of Unicode characters directly to an Instant Messenger client.

For details on affected software, see the next section, Affected Software and Download Locations. Microsoft Patches June 2016 For information about how to receive automatic notifications whenever Microsoft security bulletins are issued, visit Microsoft Technical Security Notifications. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user.

Finally, security updates can be downloaded from the Microsoft Update Catalog.

With Configuration Manager 2007, IT administrators can deliver updates of Microsoft products to a variety of devices including desktops, laptops, servers, and mobile devices. See other tables in this section for additional affected software. There were no changes to the security update files. Microsoft Patch Tuesday July 2016 Security Advisories and Bulletins Security Bulletin Summaries 2012 2012 MS12-DEC MS12-DEC MS12-DEC MS12-DEC MS12-NOV MS12-OCT MS12-SEP MS12-AUG MS12-JUL MS12-JUN MS12-MAY MS12-APR MS12-MAR MS12-FEB MS12-JAN TOC Collapse the table of content Expand

Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. Use these tables to learn about the security updates that you may need to install. Yes No Additional feedback? 1500 characters remaining Submit Skip this Thank you! http://getbetabox.com/microsoft-security/microsoft-security-bulletin-03-026.html Microsoft Security Bulletin Summary for May 2016 Published: May 10, 2016 | Updated: May 25, 2016 Version: 2.1 On this page Executive Summaries Exploitability Index Affected Software Detection and Deployment Tools

V2.1 (May 25, 2016): For MS16-065, added a Known Issue to the Executive Summaries table. See the other tables in this section for additional affected software.    Microsoft Office Services and Web Apps Microsoft SharePoint Server 2010 Bulletin Identifier MS15-046 Aggregate Severity Rating Important Microsoft SharePoint Use this table to learn about the likelihood of code execution and denial of service exploits within 30 days of security bulletin release, for each of the security updates that you If the current user is logged on with administrative user rights, an attacker who successfully exploited these vulnerabilities could take control of an affected system.

Revisions V1.0 (July 10, 2012): Bulletin Summary published. Report a vulnerabilityContribute to MSRC investigations of security vulnerabilities.Search by bulletin, KB, or CVE number OR Filter bulletins by product or componentAllActive DirectoryActive Directory Federation Services 1.xActive Directory Federation Services 2.0Active Directory This bulletin spans more than one software category. Systems Management Server 2003 Microsoft Systems Management Server (SMS) delivers a highly-configurable enterprise solution for managing updates.

For more information, see Microsoft Knowledge Base Article 961747. Bulletin IDVulnerability TitleCVE IDExploitability Assessment for Latest Software ReleaseExploitability Assessment for Older Software ReleaseDenial of Service Exploitability AssessmentKey Notes MS12-029 RTF Mismatch Vulnerability CVE-2012-0183 Not Affected 1 - Exploit code likelyNot Non-Security Updates on MU, WU, and WSUS For information about non-security releases on Windows Update and Microsoft Update, please see: Microsoft Knowledge Base Article 894199: Description of Software Update Services and Not applicable Not applicable Not applicable MS16-094: Security Update for Secure Boot (3177404) CVE-2016-3287 Secure Boot Security Feature Bypass 1 - Exploitation More Likely 1 - Exploitation More Likely Not applicable

Critical Remote Code ExecutionRequires restartMicrosoft Windows MS12-017 Vulnerability in DNS Server Could Allow Denial of Service (2647170) This security update resolves a privately reported vulnerability in Microsoft Windows. MS12-050 HTML Sanitization Vulnerability CVE-2012-1858 3 - Exploit code unlikely 3 - Exploit code unlikelyNot applicableThis vulnerability has been publicly disclosed. Critical Remote Code Execution Requires restart --------- Microsoft Windows MS16-058 Security Update for Windows IIS (3141083)This security update resolves a vulnerability in Microsoft Windows. Bulletin Information Executive Summaries The following table summarizes the security bulletins for this month in order of severity.

Microsoft also provides information to help customers prioritize monthly security updates with any non-security updates that are being released on the same day as the monthly security updates. Security updates are also available at the Microsoft Download Center.