Microsoft: "Patch Tuesday"

Microsoft liberó este martes 7 boletines de seguridad con actualizaciones para varios de sus productos. Se recomienda tomar la acciones recomendadas en cada caso para evitar brechas de seguridad.

Puedes ver el listado en este post..

#	Affected	Contra Indications - KB	Known Exploits	Microsoft rating(**)	ISC rating(*)
					clients	servers
MS12-064	Remote Code Execution Vulnerability in Microsoft Word (ReplacesMS12-029MS10-079MS12-050 )
	Word CVE-2012-0182 CVE-2012-2528	KB 2742319	No.	Severity:Critical Exploitability: 1	Critical	Important
MS12-065	Remote Code Execution Vulnerability in Microsoft Works (ReplacesMS12-028 )
	Works CVE-2012-2550	KB 2754670	No.	Severity:Important Exploitability: 2	Critical	N/A
MS12-066	Elevation of Privilege Vulnerability via XSS in HTML Sanitation Component (ReplacesMS12-039 )
	HTML Sanitation" CVE-2012-2520	KB 2741517	Yes (limited).	Severity:Important Exploitability: 1	Important	Important
MS12-067	Oracle outside/in and advanced filter pack for FAST Search Server Code Execution Vulnerabilities
	FAST Search Server 2010 (SharePoint) CVE-2012-1766 CVE-2012-1767 CVE-2012-1768 CVE-2012-1769 CVE-2012-1770 CVE-2012-1771 CVE-2012-1772 CVE-2012-1773 CVE-2012-3106 CVE-2012-3107 CVE-2012-3108 CVE-2012-3109 CVE-2012-3110	KB 2742321	Yes.	Severity:Important Exploitability: 1	Important	Critical
MS12-068	Privilege Escalation in Windows Kernel (ReplacesMS09-058MS10-021MS11-068MS11-098MS12-042 )
	Kernel CVE-2012-2529	KB 2724197	No.	Severity:Important Exploitability: 3	Important	Important
MS12-069	Denial of Service Vulnerability in Kerberos (ReplacesMS11-013 )
	Word CVE-2012-2551	KB 2743555	No.	Severity:Important Exploitability: 1	Important	Important
MS12-070	Reflective XSS Vulnerability in SQL Server (ReplacesMS09-062MS11-049 )
	Word CVE-2012-0182 CVE-2012-2528	KB 2754849	No.	Severity:Important Exploitability: 1	N/A	Important

 
Tweet