Microsoft Security Bulletin Coverage (March 14, 2012)
SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of March, 2012. A list of issues reported, along with SonicWALL coverage information follows:
MS12-017 Vulnerability in DNS Server Could Allow Denial of Service (2647170)
- CVE-2012-0006 DNS Denial of Service Vulnerability
Malicious traffic is indistinguishable from normal DNS traffic.
MS12-018 Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2641653)
- CVE-2012-0157 PostMessage Function Vulnerability
This is a local vulnerability. Attacks are not detectable over the network.
MS12-019 Vulnerability in DirectWrite Could Allow Denial of Service (2665364)
- CVE-2012-0156 DirectWrite Application Denial of Service Vulnerability
No coverage is available.
MS12-020 Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)
- CVE-2012-0002 Remote Desktop Protocol Vulnerability
IPS: 4178 – Suspicious RDP Traffic 3
IPS: 4186 – Suspicious RDP Traffic 4 - CVE-2012-0152 Terminal Server Denial of Service Vulnerability
This kind of attack is not detectable by SonicWALL.
MS12-021 Vulnerability in Visual Studio Could Allow Elevation of Privilege (2651019)
- CVE-2012-0008 Visual Studio Add-In Vulnerability
This is a local vulnerability. Attacks are not detectable over the network.
MS12-022 Vulnerability in Expression Design Could Allow Remote Code Execution (2651018)
- CVE-2012-0016 Expression Design Insecure Library Loading Vulnerability
IPS: 1023 – Binary Planting Attempt 1
IPS: 5726 – Binary Planting Attempt 2
IPS: 6847 – Binary Planting Attempt 3