Texas A&M AgriLife IT Security
Texas A&M AgriLife IT SecurityLatest IT news & tips to keep your computer safe

Summary of Microsoft and third party patches for February

by

If I was going to try to summarize the scope of patches for February the term that comes to mind is ‘massive’.  February not only included nine security patches for 21 vulnerabilities in almost all current Microsoft products including Windows Client Operating Systems, Windows Server Operating Systems, Internet Explorer, Windows Media Player, Visio (Viewer), SharePoint, and .NET/Silverlight, but several third party vendors also released updates on February 14/15. These products include:  Adobe Flash (which included addressing a vulnerability that was actively being exploited), Adobe Shockwave, Oracle Java and also Google Chrome.

In light of the scope of the patches, the February ISO recommendation would be as follows:

  • Patch all workstations as soon as possible with both Microsoft (especially patch MS12-010 and also MS12-013) and third party updates;
  • Patch all server installations as soon as time permits.

To the knowledge of the AgriLife ISO, with the exception of the MS12-016 patch for Silverlight 4, no problems have been experienced with the installation of these patches.  Early in the patch release on February 14, customers reported that some Windows 7, Vista and XP machines (both 32 and 64 bit) experienced an error when the KB2668562 patch installation was attempted.  That condition has since been identified as a problem with metadata (logic) error.  The patch was re-released later in the day on February 14.  See the following URL for details –  http://answers.microsoft.com/en-us/windows/forum/windows_7-windows_update/kb2668562-silverlight-update-will-not-install-feb/46bcf0b1-c9b8-41f5-b802-b6a8e822d930

Details on specific products patched by bulletin

Patches by bulletin – details
Workstation/server OS – Bulletin #8 – two vulnerabilities in Windows Kernel Mode Drivers – http://technet.microsoft.com/en-us/security/bulletin/ms12-008

NOTE – Remote code execution vulnerability. Two vulnerabilities addressed; one had not previously publicly disclosed, the second HAD been disclosed publicly. For the vulnerability that had NOT been publicly disclosed, it is expected that reliable exploit code will materialize in the next 30 days. For the vulnerability that HAD been publicly disclosed, reliable exploit code is not expected to materialize within the next 30 days.

Applicable workstation operating systems and severity:

  • Windows XP-SP3 (32 bit) – CRITICAL
  • Windows XP-SP2 (64 bit) – CRITICAL
  • Windows Vista-SP2 (32 and 64 bit) – CRITICAL
  • Windows 7 base and SP1 (32 and 64 bit) – CRITICAL

Server OS – Bulletin #8

Applicable server operating systems and severity:

  • Windows Server 2003-SP2 (32 and 64 bit) – CRITICAL
  • Windows Server 2008-SP2 (32, 64 bit and Itanium) – CRITICAL/IMPORTANT*
  • Windows Server 2008R2-SP2 (64 bit) and Itanium – CRITICAL/IMPORTANT*

*NOTE – Server core operating system affected – See the following URLS for details – http://technet.microsoft.com/en-us/library/ee441255%28WS.10%29.aspx or http://technet.microsoft.com/en-us/library/ff698994%28WS.10%29.aspx

For the following Server operating systems, severity is classified as IMPORTANT if Server Core installation option is used: Server 2008 SP2 (32 and 64 bit), Server 2008R2 (64 bit)

Workstation/server OS – Bulletin #9 – two vulnerabilities in Windows Ancillary Function Driver- http://technet.microsoft.com/en-us/security/bulletin/ms12-009

NOTE – Elevation of privilege (to exploit this vulnerability, an attacker would require valid logon credentials and be required to login locally).  Privately disclosed vulnerability. Reliable exploit code expected within the next 30 days now the vulnerability has been made public. First vulnerability (CVE-2012-0149) only affects Windows Server 2003.  Second vulnerability affects all 64 bit versions of current Windows workstation and Server operating systems.

Applicable workstation operating systems and severity:

  • Windows XP-SP2 (64 bit) – IMPORTANT
  • Windows Vista-SP2 (64 bit) – IMPORTANT
  • Windows 7 base and SP1 (64 bit) – IMPORTANT

Server OS – Bulletin #9

Applicable workstation operating systems and severity:

  • Windows Server 2003 SP2 (32, 64 bit and Itanium) – IMPORTANT
  • Windows Server 2008 SP2 (64 bit and Itanium) – IMPORTANT
  • Windows Server 2008R2 base and SP1 – (64 bit and Itanium) – IMPORTANT

Workstation/server OS – Bulletin #10 – Four vulnerabilities in Internet Explorer versions 6-9 http://technet.microsoft.com/en-us/security/bulletin/ms12-010

NOTE – Remote Code Execution vulnerabilities.  None of the vulnerabilities have been disclosed publicly prior to February 14. Likely to see reliable exploit code within the next 30 days now the vulnerabilities are publicly known.

Applicable workstation OS and Web Browsers and severity:

  • Windows XP-SP3 (32 bit) – CRITICAL for Internet Explorer versions 7 and 8
  • Windows XP-SP2 (64 bit) – CRITICAL for Internet Explorer versions 7 and 8
  • Windows Vista-SP2 (32 and 64 bit) – CRITICAL for Internet Explorer versions 7, 8 and 9
  • Windows 7 – base and SP1 (32 and 64 bit) – CRITICAL for Internet Explorer 8 and 9

Server OS – Bulletin #10

Applicable workstation operating systems and severity:

  • Windows Server 2003-SP2 (32, 64 bit and Itanium) – MODERATE for Internet Explorer version 7 and 8
  • Windows Server 2008-SP2 (32, 64 bit and Itanium) – MODERATE for Internet Explorer version 7-9
  • Windows Server 2008R2 base and SP1 (64 bit and Itanium) – MODERATE for Internet Explorer version 8 and 9

Application software – Bulletin #11  three Cross Site Scripting vulnerabilities in SharePoint and SharePoint foundation – http://technet.microsoft.com/en-us/security/bulletin/ms12-011

NOTE – Elevation of privilege (to exploit this vulnerability, an attacker would require valid logon credentials and be required to login locally).  Privately disclosed vulnerability. Reliable exploit code likely to materialize in the next 30 days. Exposure mitigated for users accessing SharePoint servers with Internet Explorer versions 8 and 9 due to cross site scripting blocking implemented in Internet Explorer (versions 8 and 9).

Applicable application software and Severity –

  • Microsoft Office SharePoint 2010 base and SP1 – IMPORTANT
  • Microsoft Office SharePoint Foundation 2010 base and SP1 – IMPORTANT

Server OS – Bulletin #12 – one vulnerability in Windows Color Control panel – http://technet.microsoft.com/en-us/security/bulletin/ms12-012

NOTE – Remote code execution. Publicly disclosed vulnerability. Reliable exploit code likely to materialize in the next 30 days.  Not applicable for Windows Client Operating Systems

Applicable Server OSs and severity

  • Windows Server 2008-SP2 (32 and 64 bit) – IMPORTANT*
  • Windows Server 2008-SP2 (Itanium) – IMPORTANT
  • Windows Server 2008R2 – 64 bit – IMPORTANT*
  • Windows Server 2008R2 – Itanium – IMPORTANT

*NOTE Server core installation not affected

Workstation/server OS – Bulletin #13 – one vulnerability in Windows C Run-Time Library – http://technet.microsoft.com/en-us/security/bulletin/ms12-013

NOTE – Remote code execution. Privately reported vulnerability. Reliable exploit code likely to materialize in the next 30 days.

Applicable workstation OSs and severity

  • Windows XP-SP2 – NOT applicable
  • Windows Vista-SP2 (32 and 64 bit) – CRITICAL
  • Windows 7-base and SP1 (32 and 64 bit) – CRITICAL

Applicable Server OSs and severity

  • Windows Server 2008-SP2 (32, 64 bit and Itanium) – CRITICAL*
  • Windows Server 2008R2 base and SP1 (64 bit an Itanium) – CRITICAL*

*Note server core operating system installation affected for 32 and 64 bit versions. Itanium installations not affected.

Workstation/server OS – Bulletin  #14 – one vulnerability in Indeo Codec – http://technet.microsoft.com/en-us/security/bulletin/ms12-014

NOTE – Remote code execution. Publicly reported. Reliable exploit code likely to materialize in the next 30 days.

Applicable workstation OSs and severity

  • Windows XP-SP3 – (32 bit) – IMPORTANT
  • Windows Vista-SP2 (32 and 64 bit) – NOT applicable
  • Windows 7-base and SP1 (32 and 64 bit) – NOT applicable

Applicable Server OSs and severity

  • Windows Server 2003-SP2 (32, 64 bit and Itanium) – NOT applicable
  • Windows Server 2008-SP2 (32, 64 bit and Itanium) – NOT applicable
  • Windows Server 2008R2 base and SP1 (64 bit an Itanium) –  NOT applicable

Application software – Bulletin #15 – five vulnerabilities in Visio 2010 viewer – http://technet.microsoft.com/en-us/security/bulletin/ms12-015

NOTE – Remote code execution. Privately reported. Reliable exploit code likely to materialize in the next 30 days.

Applicable applications and severity

  • Microsoft Visio viewer 2010 base and SP1 – (32 and 64 bit) – IMPORTANT

Workstation and Server OSs and Development Tools and Software – Bulletin #16 – one vulnerability in .NET framework (versions 2.0, 3.51 and 4) and Silverlight – http://technet.microsoft.com/en-us/security/bulletin/ms12-016

NOTE – Remote code execution. Publicly reported. Reliable exploit code likely to materialize in the next 30 days.

 

Applicable workstation OSs and severity

  • Windows XP-SP3  (32 and 64 bit) – CRITICAL
  • Windows Vista-SP2 (32 and 64 bit) – CRITICAL
  • Windows 7 base and SP1 – (32 and 64  bit) – CRITICAL

 

Applicable server OSs and severity

  • Windows Server 2003SP2 – 32, 64 bit and Itanium – CRITICAL
  • Windows Server 2008SP2 – 32, 64 bit and Itanium – CRITICAL
  • Windows Server 2008R2 base and SP1 – 64 bit and Itanium – CRITICAL