Posts

Microsoft Security Bulletin Coverage (Jan 10, 2012)

SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of January, 2012. A list of issues reported, along with SonicWALL coverage information follows:

MS12-001 Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615)

  • CVE-2012-0001 Windows Kernel SafeSEH Bypass Vulnerability
    This is a local vulnerability.

MS12-002 Vulnerability in Windows Object Packager Could Allow Remote Code Execution (2603381)

  • CVE-2012-0009 Object Packager Insecure Executable Launching Vulnerability
    IPS: 3312 – Suspicious CIFS Traffic 17

MS12-003 Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2646524)

  • CVE-2012-0005 CSRSS Elevation of Privilege Vulnerability
    This is a local vulnerability.

MS12-004 Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391)

  • CVE-2012-0003 MIDI Remote Code Execution Vulnerability
    IPS: 7274 – Suspicious Audio 1b
  • CVE-2012-0004 DirectShow Remote Code Execution Vulnerability
    There is no way to distinguish between normal and attack traffic.

MS12-005 Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2584146)

  • CVE-2012-0013 Assembly Execution Vulnerability
    IPS: 7275 – Malformed PowerPoint Document 3b

MS12-006 Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)

  • CVE-2011-3389 SSL and TLS Protocols Vulnerability
    There is no way to distinguish between normal and attack traffic.

MS12-007 Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664)

  • CVE-2012-0007 AntiXSS Library Bypass Vulnerability
    IPS: 3357 – MS IE CSS Cross Domain Information Disclosure 2