Microsoft issues 6 security bulletins on ‘Patch Tuesday’

Posted on by

By Dancho Danchev

On Tuesday, Microsoft issued 6 security bulletins, 4 of them critical, and 2 important updates. The bulletins fix a total of 11 vulnerabilities in Windows, Microsoft Office, and Internet Explorer.

According to Microsoft, the company has already observed targeted malware attacks taking advantage of the MS12-027 vulnerability. In order to mitigate the risks posed by these currently circulating targeted attacks, the company is advising users to disable the ActiveX controls via the Trust Center Settings > ActiveX Settings, option.

More details:

The patched vulnerabilities are as follows:

  • MS12-023 - Cumulative Security Update for Internet Explorer (2675157)
  • MS12-024 - Vulnerability in Windows Could Allow Remote Code Execution (2653956)
  • MS12-025 - Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605)
  • MS12-027 - Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)
  • MS12-026 - Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)
  • MS12-028 - Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185)

The severity and exploitability of these flaws is as follows:

End and corporate users are advised to update  their PCs as soon as possible to prevent the likelihood of a successful remote exploitation thanks to these vulnerabilities.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Join the Conversation

Please log in using one of these methods to post your comment:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s