Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft Corporation Dustin Childs Group Manager, Response Communications Microsoft Corporation



Live Video Stream

• To receive our video stream in LiveMeeting:
– Click on Voice & Video
– Click the drop down next to the camera icon
– Select Show Main Video


What We Will Cover

• Review of September 21, 2012 Bulletin Out-of-Band release information for Security Bulletin MS12-063

• Security Advisory 2755801

• Resources

• Questions and Answers: Please Submit Now
– Submit Questions via Twitter #MSFTSecWebcast


Severity and Exploitability Index

[Chart: Exploitability Index (risk axis: 1, 2, 3) and Severity (impact axis: Critical, Important, Moderate, Low), with one entry, MS12-063 (Internet Explorer), labelled DP 1.]


Bulletin Deployment Priority

| Bulletin | KB | Disclosure | Aggregate Severity | Exploit Index | Max Impact | Deployment Priority | Notes |
|---|---|---|---|---|---|---|---|
| MS12-063 Internet Explorer | 2744842 | Public | Critical | 1 | RCE | 1 | This bulletin addresses five critical-class issues including CVE-2012-4969, which deprecates Security Advisory 2757760. |


MS12-063: Cumulative Update for Internet Explorer (2744842)

| CVE | Severity | Exploitability: Latest Software | Exploitability: Older Versions | Comment | Note |
|---|---|---|---|---|---|
| CVE-2012-1529 | Critical | N/A | 1 | Remote Code Execution | Cooperatively Disclosed |
| CVE-2012-2546 | Critical | N/A | 1 | Remote Code Execution | Cooperatively Disclosed |
| CVE-2012-2548 | Critical | N/A | 2 | Remote Code Execution | Cooperatively Disclosed |
| CVE-2012-2557 | Critical | N/A | 1 | Remote Code Execution | Cooperatively Disclosed |
| CVE-2012-4969 | Critical | N/A | 1 | Remote Code Execution | Publicly Disclosed |

Affected Products
• Internet Explorer 6, 7, 8, & 9 on Windows Clients (except Windows 8)
• Internet Explorer 6, 7, 8, & 9 on Windows Servers (except Windows Server 2012)

Affected Components: IE6, IE7, IE8, and IE9 on Windows clients and servers

Deployment Priority: Critical

Main Target: Workstations and servers running Internet Explorer.

Possible Attack Vectors
• An attacker could host a website that contains a page crafted to exploit this vulnerability.
• The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements.

Impact of Attack
• An attacker who successfully exploited these vulnerabilities could obtain the same permissions as the currently logged-on user.

Mitigating Factors
• An attacker would have no way to force users to visit a malicious website.
• By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode known as Enhanced Security Configuration.
• By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML emails in the Restricted sites zone.

Additional Information
• This bulletin addresses five critical-class issues including CVE-2012-4969, which deprecates Security Advisory 2757760.
• Installations using Server Core are not affected.


Microsoft Security Advisory 2755801: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10

• An advisory released on September 21, 2012 addresses vulnerabilities in Adobe Flash Player in Internet Explorer 10 on Windows 8.
– Addresses issues in Adobe Flash Player in Internet Explorer 10 on all supported editions of Windows 8 and Windows Server 2012
– The majority of customers have automatic updates enabled and will not need to take any action.
– Customers who do not use automatic updates should apply the guidance in the advisory immediately


Detection & Deployment

| Bulletin | Windows Update | Microsoft Update | MBSA | WSUS 3.0 | SMS 2003 with ITMU | SCCM 2007 |
|---|---|---|---|---|---|---|
| MS12-063 Internet Explorer | Yes | Yes | Yes | Yes | Yes | Yes |


Other Update Information

| Bulletin | Restart | Uninstall | Replaces |
|---|---|---|---|
| MS12-063 Internet Explorer | Yes | Yes | MS12-052 |


Resources

Blogs
• Microsoft Security Response Center (MSRC) blog: www.blogs.technet.com/msrc
• Security Research & Defense blog: http://blogs.technet.com/srd
• Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/

Twitter
• @MSFTSecResponse

Security Centers
• Microsoft Security Home Page: www.microsoft.com/security
• TechNet Security Center: www.microsoft.com/technet/security
• MSDN Security Developer Center: http://msdn.microsoft.com/en-us/security/default.aspx

Bulletins, Advisories, Notifications & Newsletters
• Security Bulletins Summary: www.microsoft.com/technet/security/bulletin/summary.mspx
• Security Bulletins Search: www.microsoft.com/technet/security/current.aspx
• Security Advisories: www.microsoft.com/technet/security/advisory/
• Microsoft Technical Security Notifications: www.microsoft.com/technet/security/bulletin/notify.mspx
• Microsoft Security Newsletter: www.microsoft.com/technet/security/secnews

Other Resources
• Update Management Process: http://www.microsoft.com/technet/security/guidance/patchmanagement/secmod193.mspx
• Microsoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/partners.mspx


Questions and Answers

• Submit text questions using the “Ask” button.
• Don’t forget to fill out the survey.
• A recording of this webcast will be available within 48 hours on the MSRC Blog: http://blogs.technet.com/msrc
• Register for next month’s webcast at: http://microsoft.com/technet/security/current.aspx


© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.