Microsoft Security Bulletin Coverage (Jan 10, 2012)
SonicWALL has analyzed and addressed Microsoft's security advisories for the month of January, 2012. A list of issues reported, along with SonicWALL coverage information follows:
MS12-001 Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615)
- CVE-2012-0001 Windows Kernel SafeSEH Bypass Vulnerability
This is a local vulnerability.
MS12-002 Vulnerability in Windows Object Packager Could Allow Remote Code Execution (2603381)
- CVE-2012-0009 Object Packager Insecure Executable Launching Vulnerability
IPS: 3312 - Suspicious CIFS Traffic 17
- CVE-2012-0005 CSRSS Elevation of Privilege Vulnerability
This is a local vulnerability.
MS12-004 Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391)
- CVE-2012-0003 MIDI Remote Code Execution Vulnerability
IPS: 7274 - Suspicious Audio 1b
- CVE-2012-0004 DirectShow Remote Code Execution Vulnerability
There is no way to distinguish between normal and attack traffic.
MS12-005 Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2584146)
- CVE-2012-0013 Assembly Execution Vulnerability
IPS: 7275 - Malformed PowerPoint Document 3b
MS12-006 Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)
- CVE-2011-3389 SSL and TLS Protocols Vulnerability
There is no way to distinguish between normal and attack traffic.
MS12-007 Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664)
- CVE-2012-0007 AntiXSS Library Bypass Vulnerability
IPS: 3357 - MS IE CSS Cross Domain Information Disclosure 2
Share This Article
An Article By
An Article By
Security News
Security News