Unsolved
This post is more than 5 years old
3 Apprentice
•
15.2K Posts
0
4475
Updates 5/8/12 - ''Microsoft Tuesday'', various Adobe programs
Today is "Microsoft Tuesday" --- the second Tuesday of the month --- on which Microsoft is expected to release its monthly cycle of Windows critical/security updates. Based on previous history, they should become available at 1 PM [USA - Eastern Daylight Saving Time].
Please use WIndows/Automatic Updates to determine which updates --- if any --- are applicable to your particular system.
ky331
3 Apprentice
3 Apprentice
•
15.2K Posts
0
May 8th, 2012 11:00
The following 3 updates are rated CRITICAL:
MS12-029 Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352)
MS12-034 Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578)
MS12-035 Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777)
==============================
The following 4 updates are rated IMPORTANT:
MS12-030 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2663830)
MS12-031 Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2597981)
MS12-032 Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338)
MS12-033 Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege (2690533)
ky331
3 Apprentice
3 Apprentice
•
15.2K Posts
0
May 8th, 2012 12:00
This month's Malicious Software Removal Tool (MSRT, or MRT), version 4.8, adds detection/removal of
Win32/Unruy - "a trojan that displays out of context advertisements and performs ad-clicking in order to gather revenue for its controllers. It communicates with remote hosts and may also download and execute arbitrary files in order to perform this payload".
Win32/Dishigy - "a family of trojans that can be instructed to perform denial of service attacks on remote hosts. The trojan attempts to connect to a remote host in order to obtain configuration information, and may be instructed to perform any one of several types of attacks".
32-bit version for windows 7/vista/XP/Server2003 http://www.microsoft.com/en-us/download/details.aspx?id=16
x64-bit version http://www.microsoft.com/en-us/download/details.aspx?id=9905
ky331
3 Apprentice
3 Apprentice
•
15.2K Posts
0
May 9th, 2012 04:00
Adobe Shockwave Player is NOT a required program... it's primarily used by some "gaming" programs. If you don't have already have it, you probably don't need it. But for those of you who have/use it, it's time for an update.
The following has been copied/pasted from http://secunia.com/advisories/49086 :
Description
Multiple vulnerabilities [some of which are rated HIGHLY Critical] have been reported in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to corrupt memory.
2) Another unspecified error can be exploited to corrupt memory.
3) Another unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in versions 11.6.4.634 and prior for Windows and Macintosh.
Solution
Update to version 11.6.5.635.
See also http://www.adobe.com/support/security/bulletins/apsb12-13.html
========================================================================================
Adobe also updated the following programs:
Adobe Illustrator http://www.adobe.com/support/security/bulletins/apsb12-10.html
Adobe Photoshop http://www.adobe.com/support/security/bulletins/apsb12-11.html
Adobe Flash PROFESSIONAL CS 5.5 http://www.adobe.com/support/security/bulletins/apsb12-12.html ( Stress that Flash PRO is NOT the same as the "standard" Flash Player we often mention here. )