© 2012 Microsoft Corporation

Information About Microsoft May 2012 Security Bulletins

Contents of the presentation «Information About Microsoft May 2012 Security Bulletins.pptx» (slide number and slide text)
Slide 1: Information About Microsoft May 2012 Security Bulletins. Dustin Childs, Sr. Security Program Manager, Microsoft Corporation. Pete Voss, Sr. Response Communications Manager, Microsoft Corporation.

Slide 2: Live Video Stream. To receive our video stream in LiveMeeting: Click on Voice & Video. Click the drop down next to the camera icon. Select Show Main Video.

Slide 3: What We Will Cover: Review of May 2012 Bulletin Release Information; New Security Bulletins; Security Advisory 2695962; Microsoft® Windows® Malicious Software Removal Tool; Resources; Questions and Answers: Please Submit Now; Submit Questions via Twitter #MSFTSecWebcast.

Slide 4: Severity and Exploitability Index. Exploitability Index. RISK. Severity. IMPACT. 1. 2. 2. 3. 3. 1. 2. Office, Windows, .NET, Silverlight. Windows. Windows. Office. Office. Visio. .NET. DP. MS12-029. MS12-030. MS12-031. MS12-032. MS12-033. MS12-034. MS12-035. 1. 2. 3. Critical. Important. Moderate. Low.

Slide 5: Bulletin Deployment Priority.
Columns: Bulletin; KB; Disclosure; Aggregate Severity; Exploit Index; Max Impact; Deployment Priority; Notes.
MS12-034 (GDI+/TTF): KB 2681578; Public; Critical; Exploit Index 1; Max Impact RCE; Deployment Priority 1; Notes: All updates are required for each affected product.
MS12-029 (Word): KB 2680352; Private; Critical; Exploit Index 1; Max Impact RCE; Deployment Priority 1; Notes: Does not affect Office 2010.
MS12-035 (NETFX): KB 2693777; Private; Critical; Exploit Index 1; Max Impact RCE; Deployment Priority 2; Notes: Both MS12-035 and MS12-034 required for NETFX.
MS12-030 (Office): KB 2663830; Public; Important; Exploit Index 1; Max Impact RCE; Deployment Priority 2; Notes: Multiple updates per product may be required.
MS12-031 (Visio): KB 2597981; Private; Important; Exploit Index 1; Max Impact RCE; Deployment Priority 2; Notes: Users should not open attachments from untrusted sources.
MS12-033 (Partition Mgr): KB 2690533; Private; Important; Exploit Index 1; Max Impact EoP; Deployment Priority 3; Notes: Requires local system access.
MS12-032 (TCP/IP): KB 2688338; Public; Important; Exploit Index 1; Max Impact EoP; Deployment Priority 3; Notes: Elevation of privilege requires local system access.

Slide 6: MS12-029: Vulnerability In Microsoft Word Could Allow Remote Code Execution (2680352).
Columns: CVE; Severity; Exploitability (Latest Software / Older Versions); Comment; Note.
CVE-2012-0183: Critical; N/A / 1; Remote Code Execution; Cooperatively Disclosed.
Affected Products: Office 2007 SP2, SP3. Office 2003 SP3, Office 2008 For Mac, Office For Mac 2011, Office Compatibility Pack SP2, Office Compatibility Pack SP3.
Affected Components: Microsoft Word.
Deployment Priority: 1.
Main Target: Workstations.
Possible Attack Vectors: Web-Browsing Scenario: An attacker could host a website that contains an RTF file that is used to exploit this vulnerability. Compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability. Email Attack Scenario: An attacker could exploit this vulnerability by sending the user the malicious file as an email attachment, and convince the user to open the attachment.
Impact of Attack: An attacker who successfully exploited this vulnerability could cause arbitrary code to run with the privileges of the user who opens a specially crafted RTF file or previews or opens a specially crafted RTF email message.
Mitigating Factors: An attacker would have no way to force a user to visit a malicious website.
Additional Information: For Microsoft Word 2007, in addition to security update package KB2596917, customers also need to install the security update for Microsoft Office Compatibility Pack (KB2596880) to be protected from the vulnerability described in this bulletin. Workarounds: Read email in plain text (for more, consult KB831607). Use Office File Block Policy to block the opening of RTF documents from unknown or untrusted sources or locations.

Slide 7: MS12-030: Vulnerabilities In Microsoft Office Could Allow Remote Code Execution (2663830).
Columns: CVE; Severity; Exploitability (Latest Software / Older Versions); Comment; Note.
CVE-2012-0141: Important; 3 / 3; Remote Code Execution; Cooperatively Disclosed.
CVE-2012-0142: Important; 3 / 3; Remote Code Execution; Cooperatively Disclosed.
CVE-2012-0143: Important; N/A / 1; Remote Code Execution; Publicly Disclosed.
CVE-2012-0184: Important; 3 / 1; Remote Code Execution; Cooperatively Disclosed.
CVE-2012-0185: Important; 2 / 2; Remote Code Execution; Cooperatively Disclosed.
CVE-2012-1847: Important; 1 / 1; Remote Code Execution; Cooperatively Disclosed.
Affected Products: Microsoft Office 2010 SP1, Office 2010, Office 2007 SP3, Office 2007 SP2, Office 2003 SP3, Office 2008 for Mac, Office for Mac 2011, Microsoft Excel Viewer, Office Compatibility Pack SP2 and SP3.
Affected Components: Microsoft Excel.
Deployment Priority: 2.
Main Target: Workstations.
Possible Attack Vectors: Web-Browsing Scenario: An attacker could host a website that contains a specially crafted Excel file that is used to exploit this vulnerability. Compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability. Email Attack Scenario: An attacker could exploit this vulnerability by sending the user the malicious file as an email attachment, and convince the user to open the attachment.
Impact of Attack: An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user.
Mitigating Factors: An attacker would have no way to force users to visit a website or open an email attachment. The vulnerability cannot be exploited automatically through email. For an attack to be successful a user must open an attachment that is sent in an email message.
Additional Information: For Microsoft Excel 2007, in addition to security update package KB2597161, customers also need to install the security update for the Microsoft Office Compatibility Pack (KB2597162). Microsoft Excel Viewer must be updated to a supported service pack level (Excel Viewer 2007 Service Pack 2 or Excel Viewer 2007 Service Pack 3) before installing this update.

Slide 8: MS12-031: Vulnerability In Microsoft Visio Viewer Could Allow Remote Code Execution (2597981).
Web-Browsing Scenario: An attacker could host a website that contains a Visio file that is used to exploit this vulnerability. Compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability. Email Attack Scenario: An attacker could exploit this vulnerability by sending the user the malicious file as an email attachment, and convince the user to open the attachment.

Slide 9: successfully exploited this vulnerability could run arbitrary code in the context of another process.
Mitigating Factors: CVE-2012-0174: An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. CVE-2012-0179: Microsoft has not identified any mitigating factors for this vulnerability.
Latest Software. Older Versions.

Slide 10: MS12-033: Vulnerability In Windows Partition Manager Could Allow Elevation of Privilege (2690533).
Columns: CVE; Severity; Exploitability (Latest Software / Older Versions); Comment; Note.
CVE-2012-0178: Important; 1 / 1; Elevation of Privilege; Cooperatively Disclosed.
Affected Products: All supported versions of Windows 7, Windows Vista, Windows Server 2008, and Windows Server 2008 R2.
Affected Components: Windows Partition Manager.
Deployment Priority: 3.
Main Target: Workstations and Servers.
Possible Attack Vectors: To exploit this vulnerability, an attacker would first have to log on to the system. Then, an attacker could run a specially crafted application that could exploit the vulnerability and take complete control over the affected system.
Impact of Attack: An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode and take complete control of an affected system.
Mitigating Factors: An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
Additional Information: Installations using Server Core are affected.

Slide 11: MS12-034: Combined Security Update For Microsoft Office, Windows, .NET Framework, and Silverlight (2681578). Slide 1 of 3.
Columns: CVE; Severity; Exploitability (Latest Software / Older Versions); Comment; Note.
CVE-2011-3402: Critical; 1 / 1; Remote Code Execution; Publicly Disclosed.
CVE-2012-0159: Critical; 1 / 1; Remote Code Execution; Cooperatively Disclosed.
CVE-2012-0162: Critical; 1 / N/A; Remote Code Execution; Cooperatively Disclosed.
CVE-2012-0164: Moderate; N/A / N/A; Denial of Service; Publicly Disclosed.
CVE-2012-0165: Important; 2 / 1; Remote Code Execution; Cooperatively Disclosed.
CVE-2012-0167: Important; N/A / 1; Remote Code Execution; Cooperatively Disclosed.
CVE-2012-0176: Critical; N/A / 1; Remote Code Execution; Cooperatively Disclosed.
CVE-2012-0180: Important; 1 / 1; Elevation of Privilege; Cooperatively Disclosed.
CVE-2012-0181: Important; 3 / 1; Elevation of Privilege; Publicly Disclosed.
CVE-2012-1848: Important; 1 / 1; Elevation of Privilege; Cooperatively Disclosed.
Affected Products and Components: All supported versions of Windows and Windows Server, All supported versions of .NET 3, .NET 3.5.1, and .NET 4; Microsoft Silverlight 4, Microsoft Silverlight 5. All supported versions of Office (except Compatibility Pack SP2 and SP3, and Office For Mac). .NET Framework.
Deployment Priority: 1.
Main Target: Workstations and Servers.

Slide 12: MS12-034: Combined Security Update For Microsoft Office, Windows, .NET Framework, and Silverlight (2681578). Slide 2 of 3.
Possible Attack Vectors:
CVE-2011-3402, CVE-2012-0159, CVE-2012-0165: File Sharing Scenario: An attacker could exploit this vulnerability by convincing a user to open a specially crafted document file or malicious image on a file or network share.
CVE-2011-3402, CVE-2012-0159, CVE-2012-0162, CVE-2012-0165, CVE-2012-0176, CVE-2012-0167: Web-Browsing Scenario: An attacker could host a website that contains a webpage that is used to exploit this vulnerability. Compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability. In the case of CVE-2012-0167, a webpage would have to host a specially crafted Office document.
CVE-2012-0159, CVE-2012-0180, CVE-2012-0181, CVE-2012-1848: Local Attack Scenario: To exploit this vulnerability, an attacker would first have to log on to the system. Then, an attacker could run a specially crafted application that could exploit the vulnerability and take complete control over the affected system.
CVE-2012-0164: An unauthenticated attacker could send a small number of specially crafted requests to an affected site.
CVE-2012-0165, CVE-2012-0167: Email Attack Scenario: An attacker could exploit this vulnerability by sending the user the malicious file as an email attachment, and convince the user to open the attachment.
Affected Products and Components: All supported versions of Windows and Windows Server; All supported versions of .NET 3, .NET 3.5.1, and .NET 4; Microsoft Silverlight 4, Microsoft Silverlight 5. All supported versions of Office (except Compatibility SP2 and SP3, and Office For Mac). .NET Framework.
CVE-2011-3402 RCE. CVE-2012-0159 RCE. CVE-2012-0162 RCE. CVE-2012-0164 DoS. CVE-2012-0165 RCE. CVE-2012-0167 RCE. CVE-2012-0176 RCE. CVE-2012-0180 EoP. CVE-2012-0181 EoP. CVE-2012-1848 EoP.

Slide 13: MS12-034: Combined Security Update For Microsoft Office, Windows, .NET Framework, and Silverlight (2681578). Slide 3 of 3.
Impact of Attack:
CVE-2011-3402, CVE-2012-0159, CVE-2012-0162, CVE-2012-0165, CVE-2012-0167, CVE-2012-0176: An attacker successfully exploiting this issue could gain the same user rights as a logged-on user.
CVE-2012-0159: An attacker who successfully exploited this vulnerability could run arbitrary code in Kernel mode and take complete control of an affected system.
CVE-2012-0181, CVE-2012-1848: An attacker who successfully exploited this vulnerability could run arbitrary code in the context of another process.
CVE-2012-0164: An attacker could cause applications created using WPF APIs that are running on a user's system to stop responding until manually restarted.
Mitigating Factors:
CVE-2011-3402, CVE-2012-0159, CVE-2012-0162, CVE-2012-0165, CVE-2012-0167, CVE-2012-0176: An attacker would have no way to force users to visit a website or open an email attachment.
CVE-2011-3402, CVE-2012-0159: By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML email messages in the Restricted Sites Zone.
CVE-2012-0162, CVE-2012-0176, CVE-2012-1848: By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration.
CVE-2012-0180, CVE-2012-0181: An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
CVE-2012-0162: On systems where MS11-044 has been applied, users will be prompted before XBAP applications will execute when in the Internet Zone of Internet Explorer. A user must click through this prompt in order to run the XBAP application on their system.
CVE-2012-0164: Microsoft has not identified any mitigating factors for this vulnerability.
CVE-2011-3402 RCE. CVE-2012-0159 RCE. CVE-2012-0162 RCE. CVE-2012-0164 DoS. CVE-2012-0165 RCE. CVE-2012-0167 RCE. CVE-2012-0176 RCE. CVE-2012-0180 EoP. CVE-2012-0181 EoP. CVE-2012-1848 EoP.
Affected Products and Components: All supported versions of Windows and Windows Server, All supported versions of .NET 3, .NET 3.5.1, and .NET 4; Microsoft Silverlight 4, Microsoft Silverlight 5. All supported versions of Office (except Compatibility SP2 and SP3, and Office For Mac). .NET Framework.

Slide 14: MS12-035: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777).
CVE. Severity. Exploitability. Comment. Note.
Web-Browsing Scenario: An attacker could host a specially crafted website that contains a specially crafted XBAP (XAML browser application) that is used to exploit this vulnerability. Compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions.
An attacker would have no
websites and websites that accept or host way to force users to visit a website. By
user-provided content or advertisements default, Internet Explorer on Windows
could contain specially crafted content Server 2003, Windows Server 2008, and
that could be used to exploit this Windows Server 2008 R2 runs in a
vulnerability. Email Attack Scenario: An restricted mode that is known as Enhanced
attacker could exploit this vulnerability Security Configuration. Standard .NET
by sending the user the malicious file as Framework applications are not affected by
an email attachment, and convince the user this vulnerability. Only specially crafted
to open the attachment. Web-Browsing .NET Framework applications could exploit
Scenario: An attacker could host a website this vulnerability. (CVE-2012-0160). An
that contains a Visio file that is used to attacker would have no way to force users
exploit this vulnerability. Compromised to visit a website. By default, Internet
websites and websites that accept or host Explorer on Windows Server 2003, Windows
user-provided content or advertisements Server 2008, and Windows Server 2008 R2
could contain specially crafted content runs in a restricted mode that is known as
that could be used to exploit this Enhanced Security Configuration. Standard
vulnerability. Email Attack Scenario: An .NET Framework applications are not
attacker could exploit this vulnerability affected by this vulnerability. Only
by sending the user the malicious file as specially crafted .NET Framework
an email attachment, and convince the user applications could exploit this
to open the attachment. Web-Browsing vulnerability. (CVE-2012-0160). An
Scenario: An attacker could host a website attacker would have no way to force users
that contains a Visio file that is used to to visit a website. By default, Internet
exploit this vulnerability. Compromised Explorer on Windows Server 2003, Windows
websites and websites that accept or host Server 2008, and Windows Server 2008 R2
user-provided content or advertisements runs in a restricted mode that is known as
could contain specially crafted content Enhanced Security Configuration. Standard
that could be used to exploit this .NET Framework applications are not
vulnerability. Email Attack Scenario: An affected by this vulnerability. Only
attacker could exploit this vulnerability specially crafted .NET Framework
by sending the user the malicious file as applications could exploit this
an email attachment, and convince the user vulnerability. (CVE-2012-0160). An
to open the attachment. An attacker who attacker would have no way to force users
successfully exploited this vulnerability to visit a website. By default, Internet
could run arbitrary code in the context of Explorer on Windows Server 2003, Windows
the current user. An attacker who Server 2008, and Windows Server 2008 R2
successfully exploited this vulnerability runs in a restricted mode that is known as
could run arbitrary code in the context of Enhanced Security Configuration. Standard
the current user. An attacker who .NET Framework applications are not
successfully exploited this vulnerability affected by this vulnerability. Only
could run arbitrary code in the context of specially crafted .NET Framework
the current user. An attacker who applications could exploit this
successfully exploited this vulnerability vulnerability. (CVE-2012-0160).
could run arbitrary code in the context of CVE-2012-0160. Critical. 1. 1. Remote Code
the current user. An attacker would have Execution. Cooperatively Disclosed.
no way to force users to visit a website CVE-2012-0161. Critical. 1. 1. Remote Code
or open an email attachment. By default, Execution. Cooperatively Disclosed.
Internet Explorer on Windows Server 2003, Affected Products. Affected Products. All
Windows Server 2008, and Windows Server supported versions of .NET Framework on
2008 R2 runs in a restricted mode that is all supported versions of Windows and
known as Enhanced Security Configuration. Windows Server. All supported versions of
By default, all supported versions of .NET Framework on all supported versions
Microsoft Outlook, Microsoft Outlook of Windows and Windows Server. All
Express, and Windows Mail open HTML email supported versions of .NET Framework on
messages in the Restricted Sites Zone. An all supported versions of Windows and
attacker would have no way to force users Windows Server. All supported versions of
to visit a website or open an email .NET Framework on all supported versions
attachment. By default, Internet Explorer of Windows and Windows Server. Affected
on Windows Server 2003, Windows Server Components. Affected Components. .NET
2008, and Windows Server 2008 R2 runs in a Framework. .NET Framework. .NET Framework.
restricted mode that is known as Enhanced .NET Framework. Deployment Priority.
Security Configuration. By default, all Deployment Priority. 2. 2. 2. 2. Main
supported versions of Microsoft Outlook, Target. Main Target. Workstations and
Microsoft Outlook Express, and Windows Servers. Workstations and Servers.
Mail open HTML email messages in the Workstations and Servers. Workstations and
Restricted Sites Zone. An attacker would Servers. Possible Attack Vectors. Possible
have no way to force users to visit a Attack Vectors. Impact of Attack. Impact
website or open an email attachment. By of Attack. An attacker successfully
default, Internet Explorer on Windows exploiting this issue could gain the same
Server 2003, Windows Server 2008, and user rights as a logged-on user. An
Windows Server 2008 R2 runs in a attacker successfully exploiting this
restricted mode that is known as Enhanced issue could gain the same user rights as a
Security Configuration. By default, all logged-on user. An attacker successfully
supported versions of Microsoft Outlook, exploiting this issue could gain the same
Microsoft Outlook Express, and Windows user rights as a logged-on user. An
Mail open HTML email messages in the attacker successfully exploiting this
Restricted Sites Zone. An attacker would issue could gain the same user rights as a
have no way to force users to visit a logged-on user. Mitigating Factors.
website or open an email attachment. By Mitigating Factors. Additional
default, Internet Explorer on Windows Information. Additional Information. .NET
Server 2003, Windows Server 2008, and Framework 4 and .NET Framework 4 Client
Windows Server 2008 R2 runs in a Profile Affected. .NET Framework 4 and
restricted mode that is known as Enhanced .NET Framework 4 Client Profile Affected.
Security Configuration. By default, all .NET Framework 4 and .NET Framework 4
supported versions of Microsoft Outlook, Client Profile Affected. .NET Framework 4
Microsoft Outlook Express, and Windows and .NET Framework 4 Client Profile
Mail open HTML email messages in the Affected. Latest Software. Older Versions.
Restricted Sites Zone. CVE. CVE. Severity. 15Security Advisory 2695962 – Remote
Severity. Exploitability. Exploitability. Code Execution Update Rollup For Active X
Comment. Comment. Note. Note. Kill Bits. This update sets the kill bits
CVE-2012-0018. Important. 1. N/A. Remote for the following third-party software:
Code Execution. Cooperatively Disclosed. Cisco Clientless VPN solution. Installing
Affected Products. Affected Products. All this update will block the vulnerable
supported versions of Microsoft Visio control from running in Internet Explorer.
Viewer 2010. All supported versions of For more information regarding security
Microsoft Visio Viewer 2010. All supported issues in the Cisco Clientless VPN
versions of Microsoft Visio Viewer 2010. solution ActiveX control, please see the
All supported versions of Microsoft Visio Cisco Security Advisory, Cisco ASA 5500
Viewer 2010. Affected Components. Affected Series Adaptive Security Appliance
Components. Visio Viewer. Visio Viewer. Clientless VPN ActiveX Control Remote Code
Visio Viewer. Visio Viewer. Deployment Execution Vulnerability. This advisory
Priority. Deployment Priority. 2. 2. 2. 2. affects all supported versions of Windows.
Main Target. Main Target. Workstations. 16Detection & Deployment. MS12-029
Workstations. Workstations. Workstations. Word. MS12-030 Office. MS12-031 Visio.
Possible Attack Vectors. Possible Attack MS12-032 TCP/IP. MS12-033 Partition Mgr.
Vectors. Impact of Attack. Impact of MS12-034 GDI+/TTF. MS12-035 NETFX.
Attack. Mitigating Factors. Mitigating Bulletin. Windows Update. Microsoft
Factors. Latest Software. Older Versions. Update. MBSA. WSUS 3.0. SMS 2003 with
9MS12-032: Vulnerability In TCP/IP ITMU. SCCM 2007. No. Yes*. Yes*. Yes*.
Could Allow Elevation of Privilege Yes*. Yes*. No. Yes. Yes*. Yes*. Yes*.
(2688338). CVE. CVE. Severity. Severity. Yes*. No. Yes. Yes. Yes. Yes. Yes. Yes.
Exploitability. Exploitability. Comment. Yes. Yes. Yes. Yes. Yes. Yes. Yes. Yes.
Comment. Note. Note. CVE-2012-0174. Yes. Yes. Yes. Yes. Yes**. Yes. Yes. Yes.
Important. N/A. N/A. Security Bypass. Yes**. Yes. Yes. Yes. Yes. Yes. Yes.
Cooperatively Disclosed. CVE-2012-0179. *Except in Microsoft Office 2008 for Mac
Important. 1. N/A. Elevation of Privilege. and Microsoft Office for Mac 2011 **Except
Publicly Disclosed. Affected Products. Silverlight 4 installed on Mac OS.
Affected Products. All supported versions 17Other Update Information. MS12-029
of Windows 7, Windows Vista, Windows Word. MS12-030 Office. MS12-031 Visio.
Server 2008, and Windows Server 2008 R2. MS12-032 TCP/IP. MS12-033 Partition Mgr.
All supported versions of Windows 7, MS12-034 GDI+/TTF. MS12-035 NETFX.
Windows Vista, Windows Server 2008, and Bulletin. Restart. Uninstall. Replaces.
Windows Server 2008 R2. All supported Maybe. Yes. MS11-089, MS11-094. Maybe.
versions of Windows 7, Windows Vista, Yes. MS11-072, MS11-089, MS11-096. Maybe.
Windows Server 2008, and Windows Server Yes. MS12-015. Yes. Yes. MS11-083. Yes.
2008 R2. All supported versions of Windows Yes. None. Yes. No. MS10-087, MS12-018.
7, Windows Vista, Windows Server 2008, and No. Yes. MS11-028, MS11-044, MS11-078,
Windows Server 2008 R2. Affected MS11-100, MS12-016.
Components. Affected Components. Windows 18Windows Malicious Software Removal
Firewall, TCP/IP. Windows Firewall, Tool (MSRT). During this release Microsoft
TCP/IP. Windows Firewall, TCP/IP. Windows will increase detection capability for the
Firewall, TCP/IP. Deployment Priority. following families in the MSRT:
Deployment Priority. 3. 3. 3. 3. Main Win32/Unruy: A trojan that is capable of
Target. Main Target. Workstations and connecting to certain remote servers to
Servers. Workstations and Servers. download and execute arbitrary files. It
Workstations and Servers. Workstations and can also delete files, schedule tasks, and
Servers. Possible Attack Vectors. Possible perform other actions. Depending on the
Attack Vectors. CVE-2012-0174: In order to computer's Internet Explorer settings, may
use this vulnerability, an attacker would also disable third-party browser
first have to gain access to the local extensions and BHOs from running.
subnet of the target computer. An attacker Win32/Dishigy: A trojan that captures
could then use another vulnerability to keystrokes and steals login credentials
acquire information about the target through a method known as "form
system or execute code on the target grabbing". It sends captured data to
system. CVE-2012-0179: To exploit this a remote attacker and is capable of
vulnerability, an attacker would first downloading additional malicious
have to log on to the system. An attacker components. For the first time, Microsoft
could then run a specially crafted is releasing MSRT to Windows 8 machines.
application that could exploit the Available as a priority update through
vulnerability and take complete control Windows Update or Microsoft Update. Is
over the affected system. CVE-2012-0174: offered through WSUS 3.0 or as a download
In order to use this vulnerability, an at: www.microsoft.com/malwareremove.
attacker would first have to gain access 19Resources. Bulletins, Advisories,
to the local subnet of the target Notifications & Newsletters Security
computer. An attacker could then use Bulletins Summary:
another vulnerability to acquire www.microsoft.com/technet/security/bulleti
information about the target system or /summary.mspx Security Bulletins Search:
execute code on the target system. www.microsoft.com/technet/security/current
CVE-2012-0179: To exploit this aspx Security Advisories:
vulnerability, an attacker would first www.microsoft.com/technet/security/advisor
have to log on to the system. An attacker / Microsoft Technical Security
could then run a specially crafted Notifications:
application that could exploit the www.microsoft.com/technet/security/bulleti
vulnerability and take complete control /notify.mspx Microsoft Security
over the affected system. CVE-2012-0174: Newsletter:
In order to use this vulnerability, an www.microsoft.com/technet/security/secnews
attacker would first have to gain access Other Resources Update Management Process
to the local subnet of the target http://www.microsoft.com/technet/security/
computer. An attacker could then use uidance/patchmanagement/secmod193.mspx
another vulnerability to acquire Microsoft Active Protection Program
information about the target system or Partners:
execute code on the target system. http://www.microsoft.com/security/msrc/map
CVE-2012-0179: To exploit this /partners.mspx. Blogs Microsoft Security
vulnerability, an attacker would first Response Center (MSRC) blog:
have to log on to the system. An attacker www.blogs.technet.com/msrc Security
could then run a specially crafted Research & Defense blog:
application that could exploit the http://blogs.technet.com/srd Microsoft
vulnerability and take complete control Malware Protection Center Blog:
over the affected system. CVE-2012-0174: http://blogs.technet.com/mmpc/ Twitter
In order to use this vulnerability, an @MSFTSecResponse Security Centers
attacker would first have to gain access Microsoft Security Home Page:
to the local subnet of the target www.microsoft.com/security TechNet
computer. An attacker could then use Security Center:
another vulnerability to acquire www.microsoft.com/technet/security MSDN
information about the target system or Security Developer Center:
execute code on the target system. http://msdn.microsoft.com/en-us/security/d
CVE-2012-0179: To exploit this fault.aspx.
vulnerability, an attacker would first 20Questions and Answers. Submit text
have to log on to the system. An attacker questions using the “Ask” button. Don’t
could then run a specially crafted forget to fill out the survey. A recording
application that could exploit the of this webcast will be available within
vulnerability and take complete control 48 hours on the MSRC Blog:
over the affected system. Impact of http://blogs.technet.com/msrc Register for
Attack. Impact of Attack. CVE-2012-0174: next month’s webcast at:
An attacker who successfully exploited http://microsoft.com/technet/security/curr
this vulnerability could bypass Windows nt.aspx.
Firewall. CVE-2012-0179: An attacker who 21© 2012 Microsoft Corporation. All
successfully exploited this vulnerability rights reserved. Microsoft, Windows,
could run arbitrary code in the context of Windows Vista and other product names are
another process. CVE-2012-0174: An or may be registered trademarks and/or
attacker who successfully exploited this trademarks in the U.S. and/or other
vulnerability could bypass Windows countries. The information herein is for
Firewall. CVE-2012-0179: An attacker who informational purposes only and represents
successfully exploited this vulnerability the current view of Microsoft Corporation
could run arbitrary code in the context of as of the date of this presentation.
another process. CVE-2012-0174: An Because Microsoft must respond to changing
attacker who successfully exploited this market conditions, it should not be
vulnerability could bypass Windows interpreted to be a commitment on the part
Firewall. CVE-2012-0179: An attacker who of Microsoft, and Microsoft cannot
successfully exploited this vulnerability guarantee the accuracy of any information
could run arbitrary code in the context of provided after the date of this
another process. CVE-2012-0174: An presentation. MICROSOFT MAKES NO
attacker who successfully exploited this WARRANTIES, EXPRESS, IMPLIED OR STATUTORY,
vulnerability could bypass Windows AS TO THE INFORMATION IN THIS
Firewall. CVE-2012-0179: An attacker who PRESENTATION.