Microsoft Security Bulletin Coverage (Aug 14, 2012)

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of August, 2012. A list of issues reported, along with Dell SonicWALL coverage information follows:

MS12-052 Cumulative Security Update for Internet Explorer (2722913)

• CVE-2012-1526 LayoutMemory Corruption Vulnerability
  IPS:8439 – Windows IE Layout Memory Corruption 4
• CVE-2012-2521 Asynchronous NULL Object Access Remote Code Execution Vulnerability
  IPS:8442 – Suspicious HTML Style Tag 4
• CVE-2012-2522 Virtual Function Table Corruption Remote Code Execution Vulnerability
  GAV: Malformed.html.MP.6
• CVE-2012-2523 JavaScript Integer Overflow Remote Code Execution Vulnerability
  IPS:7645 – HTTP Client Shellcode Exploit 11a

MS12-053 Vulnerability in Remote Desktop Could Allow Remote Code Execution (2723135)

• CVE-2012-2526 Remote Desktop Protocol Vulnerability
  IPS:4198 – Suspicious RDP Traffic 8

MS12-054 Vulnerabilities in Windows Networking Components Could Allow Remote Code Execution (2733594)

• CVE-2012-1850 Remote Administration Protocol Denial of Service Vulnerability
  IPS:8447 – Microsoft SMB Response Parsing Remote Code Execution (MS12-054) 3
• CVE-2012-1851 Print Spooler Service Format String Vulnerability
  IPS:8446 – Windows Print Spooler Format String Exploit
  CVE-2012-1852 Remote Administration Protocol Heap Overflow Vulnerability
  IPS:8444 – Microsoft SMB Response Parsing Remote Code Execution (MS12-054) 2
• CVE-2012-1853 Remote Administration Protocol Stack Overflow Vulnerability
  IPS:8443 – Microsoft SMB Response Parsing Remote Code Execution (MS12-054)

MS12-055 Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2731847)

• CVE-2012-2527 Win32k Use After Free Vulnerability
  Local EoP vulnerability, not covered

MS12-056 Vulnerability in JScript and VBScript Engines Could Allow Remote Code Execution (2706045)

• CVE-2012-2523 JavaScript Integer Overflow Remote Code Execution Vulnerability
  Please refer to MS12-052 above

MS12-057 Vulnerability inMicrosoft Office Could Allow for Remote Code Execution (2731879)

• CVE-2012-2524 CGM File FormatMemory Corruption Vulnerability
  There is no public exploit available

MS12-058 Vulnerability inMicrosoft Exchange Server WebReady Document Viewing Could Allow Remote Code Execution (2740358)

• CVE-2012-2525 Oracle Outside In Libraries Remote Code Execution Vulnerability
  There is no details about this vulnerability

MS12-059 Vulnerability inMicrosoft Visio Could Allow Remote Code Execution (2733918)

• CVE-2012-1888 Visio DXF File Format Buffer Overflow Vulnerability
  GAV: Malformed.dxf.MP.1

MS12-060 Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2720573)

• CVE-2012-1856 MSCOMCTL.OCX RCE Vulnerability
  GAV: Malformed.rtf.MP.2

Security News

The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.