Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Microsoft Patch Tuesday - January 2012

January 11, 2012

  • Blog
  • Archive
Before we get started on this month's releases, just a quick reminder that Microsoft released an out-of-band (OOB) security bulletin (MS11-100) late last month. That brought their 2011 total to 100 bulletins - so much for keeping it in double digits. To start off the new year, today Microsoft released seven bulletins. Microsoft finally tamed the BEAST with this latest patch Tuesday - if you remember it was held back last month for not playing well with other software. Redmond also included patches for two issues leading to remote code execution within Windows Media Player and DirectShow, as well as a tricky Unicode parsing gaff found in Japanese, Chinese and Korean locale configurations. Not to be left out, Adobe released a bulletin that addressed four different remote code execution vulnerabilities within Adobe Acrobat and Adobe Reader. Tomorrow brings another episode of the Vulnerability Expert Forum (VEF). Listen in as the eEye Research Team discusses today's bulletins and the month in security. The list of Retina Network Security Scanner audits associated with these bulletins is also available for your reference. Here are this month's recommendations from the eEye Research Team:
Deploy Immediately MS12-004 – Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391) Recommendation: Install the patch immediately to prevent exploitation by attackers. Until the patch can be installed, disable MIDI files from being parsed and disable the Line21 filter for DirectShow. Deploy As Soon As Possible MS12-001 – Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615) Recommendation: Deploy patches as soon as possible. Until the patch can be installed, make sure that Structured Exception Handling Overwrite Protection (SEHOP) is enabled on affected systems. This mitigation is not available to XP and Server 2003 users. Additionally, developers are encouraged to use a version of Visual C++ more recent than 2003; using the most recent version of software is always advised as a security best practice (see the eEye configuration report at www.eeye.com/securityresearch for more information). MS12-002 – Vulnerability in Windows Object Packager Could Allow Remote Code Execution (2603381) Recommendation: Deploy patches as soon as possible. Until the patch can be installed, block ports 139 and 445 using a firewall and prevent the WebClient service from running. Additionally, use the registry editor to set a full path to packager.exe in the default value of HKCRPackageProtocolStdFileEditingServer. MS12-003 – Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2646524) Recommendation: Deploy patches as soon as possible, since no mitigation is available. MS12-005 – Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2584146) Recommendation: Deploy patches as soon as possible. Until the patch can be installed, unregister the .application file association in the Windows registry. MS12-006 – Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584) Recommendation: Deploy patches as soon as possible. Until the patch can be installed, Enable TLS 1.1 and 1.2, prioritize the RC4 algorithm over CBC. Deploy At Earliest Convenience MS12-007 – Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664) Recommendation: Deploy patches as soon as possible, since no mitigation is available.

Chris Silva,

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

A Zero Trust Approach to Secure Access

Webcasts

Rising CISOs: Ransomware, Cyber Extortion, Cloud Compromise, oh my!

Whitepapers

A Zero Trust Approach to Windows & Mac Endpoint Security

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.