Qualys Vulnerability R&D Lab has released new vulnerability checks in the Enterprise TruRisk Platform to protect organizations against 16 vulnerabilities that were fixed in 9 bulletins announced today by Microsoft. Customers can immediately audit their networks for these and other new vulnerabilities by accessing their Qualys subscription. Visit Qualys Security Blog to prioritize remediation.
Non-Qualys customers can audit their network for these and other vulnerabilities by signing up for a Qualys Free Trial, or by trying Qualys Community Edition.
Microsoft has released 9 security bulletins to fix newly discovered flaws in its software. Qualys has released the following checks for these new vulnerabilities:
A remote code execution vulnerability exists in the way that Microsoft XML Core Services handles objects in memory. The vulnerability could allow remote code execution if a user views a website that contains specially crafted content. (CVE-2012-1889)
Affected Software:
This security update is rated Critical for Microsoft XML Core Services 3.0, 4.0, and 6.0 on all supported editions of Windows XP, Windows Vista, and Windows 7 and is rated Moderate on all supported editions of Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2; it is also rated Critical for Microsoft XML Core Services 5.0 for all supported editions of Microsoft Office 2003, Microsoft Office 2007, Microsoft Office Word Viewer, Microsoft Office Compatibility Pack, Microsoft Expression Web, Microsoft Office SharePoint Server 2007, and Microsoft Groove Server 2007.
Windows Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
[Product Update] July 2012 Security Updates Are On ECE For XPe SP3 and Standard 2009 (KB2719985)
August 2012 Security Updates are Live on ECE for XPe and Standard 2009 (KB2719985)
Windows XP Service Pack 3 (Microsoft XML Core Services 3.0)
Windows XP Service Pack 3 (Microsoft XML Core Services 4.0)
Windows XP Service Pack 3 (Microsoft XML Core Services 6.0)
Windows XP Professional x64 Edition Service Pack 2 (Microsoft XML Core Services 3.0)
Windows XP Professional x64 Edition Service Pack 2 (Microsoft XML Core Services 4.0)
Windows XP Professional x64 Edition Service Pack 2 (Microsoft XML Core Services 6.0)
Windows Server 2003 Service Pack 2 (Microsoft XML Core Services 3.0)
Windows Server 2003 Service Pack 2 (Microsoft XML Core Services 4.0)
Windows Server 2003 Service Pack 2 (Microsoft XML Core Services 6.0)
Windows Server 2003 x64 Edition Service Pack 2 (Microsoft XML Core Services 3.0)
Windows Server 2003 x64 Edition Service Pack 2 (Microsoft XML Core Services 4.0)
Windows Server 2003 x64 Edition Service Pack 2 (Microsoft XML Core Services 6.0)
Windows Server 2003 with SP2 for Itanium-based Systems (Microsoft XML Core Services 3.0)
Windows Server 2003 with SP2 for Itanium-based Systems (Microsoft XML Core Services 4.0)
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS12-043.
Workaround:
1) Deploy the Enhanced Mitigation Experience Toolkit
2) Configure Internet Explorer to prompt before running Active Scripting or disable Active Scripting in the Internet and Local intranet security zone
Internet Explorer is prone to multiple vulnerabilities that could allow remote code execution.
Microsoft has released a security update that addresses the vulnerabilities by modifying the way that Internet Explorer handles objects in memory.
This security update is rated Critical for Internet Explorer 9 on Windows clients and Moderate for Internet Explorer 9 on Windows servers.
Windows Vista Service Pack 2 (Internet Explorer 9)
Windows Vista x64 Edition Service Pack 2 (Internet Explorer 9)
Windows Server 2008 for 32-bit Systems Service Pack 2 (Internet Explorer 9)
Windows Server 2008 for x64-based Systems Service Pack 2 (Internet Explorer 9)
Windows 7 for 32-bit Systems (Internet Explorer 9)
Windows 7 for 32-bit Systems Service Pack 1 (Internet Explorer 9)
Windows 7 for x64-based Systems (Internet Explorer 9)
Windows 7 for x64-based Systems Service Pack 1 (Internet Explorer 9)
Windows Server 2008 R2 for x64-based Systems (Internet Explorer 9)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Internet Explorer 9)
Refer to Microsoft Security Bulletin MS12-044 for further details.
Workaround:
Set Internet and Local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones.
Configure IE to prompt before running Active Scripting or to disable Active Scripting in the Internet and local intranet security zones; add trusted sites to the IE trusted sites zone.
Note: Disabling or restricting scripting can severely impact the usability of the browser.
A remote code execution vulnerability exists in the way that Microsoft Data Access Components accesses an object in memory that has been improperly initialized. (CVE-2012-1891)
Affected Software:
Microsoft Data Access Components 2.8 Service Pack 1
- Windows XP Service Pack 3
Microsoft Data Access Components 2.8 Service Pack 2
- Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP2 for Itanium-based Systems
Windows Data Access Components 6.0
- Windows Vista Service Pack 2
- Windows Vista x64 Edition Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows Server 2008 for x64-based Systems Service Pack 2
- Windows Server 2008 for Itanium-based Systems Service Pack 2
- Windows 7 for 32-bit Systems
- Windows 7 for 32-bit Systems Service Pack 1
- Windows 7 for x64-based Systems
- Windows 7 for x64-based Systems Service Pack 1
- Windows Server 2008 R2 for x64-based Systems
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Windows Server 2008 R2 for Itanium-based Systems
- Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
This security update is rated Critical.
Windows Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
[Product Update] July 2012 Security Updates Are On ECE For XPe SP3 and Standard 2009 (KB2698365)
August 2012 Security Updates are Live on ECE for XPe and Standard 2009 (KB2698365)
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS12-045.
The security update addresses the vulnerability by correcting how Microsoft Visual Basic for Applications loads external libraries.
This security update is rated Important for all supported versions of Microsoft Visual Basic for Applications SDK and third-party applications that use Microsoft Visual Basic for Applications.
Microsoft Office 2003 Service Pack 3
Microsoft Office 2007 Service Pack 2
Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 1
Microsoft Visual Basic for Applications
Refer to Microsoft Security Bulletin MS12-046 for further details.
An elevation of privilege vulnerability exists in the way that the Windows kernel-mode driver handles specific keyboard layouts. (CVE-2012-1890)
An elevation of privilege vulnerability exists when the Windows kernel-mode driver improperly validates parameters when creating a hook procedure. (CVE-2012-1893)
Affected Software:
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
This security update is rated Important.
Windows Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
[Product Update] July 2012 Security Updates Are On ECE For XPe SP3 and Standard 2009 (KB2718523)
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS12-047.
Microsoft has released a security update that addresses the vulnerabilities by modifying the way that Windows handles files and directories with specially crafted names.
This security update is rated Important for all supported releases of Microsoft Windows.
Windows Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
[Product Update] July 2012 Security Updates Are On ECE For XPe SP3 and Standard 2009 (KB2691442)
August 2012 Security Updates are Live on ECE for XPe and Standard 2009 (KB2691442)
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS12-048.
This security update resolves a publicly disclosed vulnerability in TLS. The security update addresses the vulnerability by modifying the way that the Windows Secure Channel (SChannel) and the Cryptography API: Next Generation (CNG) components handle encrypted network packets.
Affected Versions:
Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
This security update is rated Important for all supported releases of Microsoft Windows.
Windows Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
[Product Update] July 2012 Security Updates Are On ECE For XPe SP3 and Standard 2009 (KB2655992)
August 2012 Security Updates are Live on ECE for XPe and Standard 2009 (KB2655992)
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS12-049.
Microsoft has released a security update that addresses the vulnerabilities by modifying the way that HTML strings are sanitized and by correcting the way that Microsoft SharePoint validates and sanitizes user input.
This security update is rated Important for supported editions of Microsoft InfoPath 2007, Microsoft InfoPath 2010, Microsoft SharePoint Server 2007, Microsoft SharePoint Server 2010, and Microsoft Groove Server 2010; and for supported versions of Microsoft Windows SharePoint Services 3.0 and SharePoint Foundation 2010.
Microsoft InfoPath 2007 Service Pack 2
Microsoft InfoPath 2007 Service Pack 3
Microsoft InfoPath 2010 Service Pack 1
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS12-050.
An elevation of privilege vulnerability exists in the way that folder permissions are set in certain Microsoft Office for Mac installations.
This security update is rated Important.
Affected Version:
Microsoft Office 2011 for Mac
Workaround:
The following workaround would not correct the underlying vulnerability but would help block known attack vectors before you apply the update.
Remove write permission from others in affected folders.
/usr/bin/sudo /bin/chmod -R -P o-w /Library/Internet\ Plug-Ins/SharePointWebKitPlugin.webplugin/
/usr/bin/sudo /bin/chmod -R -P o-w /Library/Internet\ Plug-Ins/SharePointBrowserPlugin.plugin/
/usr/bin/sudo /bin/chmod -R -P o-w /Library/Fonts/Microsoft/
/usr/bin/sudo /bin/chmod -R -P o-w /Library/Automator/
/usr/bin/sudo /bin/chmod -R -P o-w /Applications/Microsoft\ Office\ 2011/
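A read-only audit for the workaround above, as an added example that is not part of the Qualys or Microsoft text: it lists the entries in the five folders that are still writable by others, so the result of the chmod commands can be verified before and after they are run. The function names are illustrative, and it assumes a POSIX shell and a find that accepts -P (BSD and GNU find both do).

```shell
#!/bin/sh
# Added example: read-only audit for the chmod workaround (changes nothing).

# Print every entry under "$1" that still has the "others" write bit set.
# find -P mirrors chmod -P: symbolic links are never followed. Links are also
# skipped as findings, since their own mode bits are not what is at issue.
list_other_writable() {
    [ -d "$1" ] || return 0
    find -P "$1" ! -type l -perm -0002 -print 2>/dev/null
}

# Number of findings for one folder (0 when it is absent or clean).
# Counts lines, so a file name containing a newline is counted twice.
count_other_writable() {
    list_other_writable "$1" | wc -l | tr -d ' '
}

# Report each folder given as an argument; return 1 if any finding remains.
audit_folders() {
    rc=0
    for dir in "$@"; do
        if [ ! -d "$dir" ]; then
            printf 'absent    %s\n' "$dir"
            continue
        fi
        n=$(count_other_writable "$dir")
        if [ "$n" -gt 0 ]; then
            printf 'WRITABLE  %s (%s entries)\n' "$dir" "$n"
            list_other_writable "$dir" | sed 's/^/    /'
            rc=1
        else
            printf 'ok        %s\n' "$dir"
        fi
    done
    return "$rc"
}

# The five folders named in the workaround above.
audit_office_2011() {
    audit_folders \
        "/Library/Internet Plug-Ins/SharePointWebKitPlugin.webplugin" \
        "/Library/Internet Plug-Ins/SharePointBrowserPlugin.plugin" \
        "/Library/Fonts/Microsoft" \
        "/Library/Automator" \
        "/Applications/Microsoft Office 2011"
}

audit_office_2011 || echo "workaround not fully applied"
```

A folder reported as absent simply means that component is not installed on the machine being checked.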
These new vulnerability checks are included in Qualys vulnerability signature 2.2.169-3. Each Qualys account is automatically updated with the latest vulnerability signatures as they become available. To view the vulnerability signature version in your account, from the Qualys Help menu, select the About tab.
To perform a selective vulnerability scan, configure a scan profile to use the following options:
In addition, prior to running a scan for these new vulnerabilities, you can estimate your exposure to these new threats by running the Risk Analysis Report, available from the Qualys Vulnerability Management Reports tab.
Platforms and Platform Identification
For more information, customers may contact Qualys Technical Support.