Start a Conversation

Unsolved

This post is more than 5 years old

3 Apprentice

 • 

15.3K Posts

4475

May 8th, 2012 05:00

Updates 5/8/12 - ''Microsoft Tuesday'', various Adobe programs

Today is "Microsoft Tuesday" --- the second Tuesday of the month --- on which Microsoft is expected to release its monthly cycle of Windows critical/security updates.   Based on previous history, they should become available at 1 PM [USA - Eastern Daylight Saving Time].

Please use WIndows/Automatic Updates to determine which updates --- if any --- are applicable to your particular system.

3 Apprentice

 • 

15.3K Posts

May 8th, 2012 11:00

The following 3 updates are rated CRITICAL:

 MS12-029 Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352) 

MS12-034 Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578) 

MS12-035 Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777) 

==============================

The following 4 updates are rated IMPORTANT:

MS12-030 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2663830) 

MS12-031 Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2597981) 

MS12-032 Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338) 

MS12-033 Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege (2690533) 






 




 

3 Apprentice

 • 

15.3K Posts

May 8th, 2012 12:00

This month's Malicious Software Removal Tool (MSRT, or MRT), version 4.8, adds detection/removal of

Win32/Unruy - "a trojan that displays out of context advertisements and performs ad-clicking in order to gather revenue for its controllers. It communicates with remote hosts and may also download and execute arbitrary files in order to perform this payload".

Win32/Dishigy - "a family of trojans that can be instructed to perform denial of service attacks on remote hosts. The trojan attempts to connect to a remote host in order to obtain configuration information, and may be instructed to perform any one of several types of attacks".

32-bit version for windows 7/vista/XP/Server2003 http://www.microsoft.com/en-us/download/details.aspx?id=16 

x64-bit version http://www.microsoft.com/en-us/download/details.aspx?id=9905

3 Apprentice

 • 

15.3K Posts

May 9th, 2012 04:00

Adobe Shockwave Player is NOT a required program... it's primarily used by some "gaming" programs.   If you don't have already have it, you probably don't need it.   But for those of you who have/use it, it's time for an update.  

The following has been copied/pasted from http://secunia.com/advisories/49086 :

 

Description

Multiple vulnerabilities [some of which are rated HIGHLY Critical] have been reported in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system.

1) An unspecified error can be exploited to corrupt memory.

2) Another unspecified error can be exploited to corrupt memory.

3) Another unspecified error can be exploited to corrupt memory.

4) Another unspecified error can be exploited to corrupt memory.

5) Another unspecified error can be exploited to corrupt memory.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.

The vulnerabilities are reported in versions 11.6.4.634 and prior for Windows and Macintosh.

Solution
Update to version 11.6.5.635.

See also http://www.adobe.com/support/security/bulletins/apsb12-13.html

========================================================================================

Adobe also updated the following programs:

Adobe Illustrator http://www.adobe.com/support/security/bulletins/apsb12-10.html

Adobe Photoshop http://www.adobe.com/support/security/bulletins/apsb12-11.html

Adobe Flash PROFESSIONAL CS 5.5 http://www.adobe.com/support/security/bulletins/apsb12-12.html  ( Stress that Flash PRO is NOT the same as the "standard" Flash Player we often mention here. )

No Events found!

Top