dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
3409
share rss forum feed


dp
Premium,MVM
join:2000-12-08
Greensburg, PA
kudos:7

8 recommendations

Microsoft Security Bulletin(s) for October 9, 2012

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

»technet.microsoft.com/en-us/secu···ms12-oct

Critical (1)

Microsoft Security Bulletin MS12-064
Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319)
»technet.microsoft.com/en-us/secu···ms12-064

Important (6)

Microsoft Security Bulletin MS12-065
Vulnerability in Microsoft Works Could Allow Remote Code Execution (2754670)
»technet.microsoft.com/en-us/secu···ms12-065

Microsoft Security Bulletin MS12-066
Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2741517)
»technet.microsoft.com/en-us/secu···ms12-066

Microsoft Security Bulletin MS12-067
Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution (2742321)
»technet.microsoft.com/en-us/secu···ms12-067

Microsoft Security Bulletin MS12-068
Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2724197)
»technet.microsoft.com/en-us/secu···ms12-068

Microsoft Security Bulletin MS12-069
Vulnerability in Kerberos Could Allow Denial of Service (2743555)
»technet.microsoft.com/en-us/secu···ms12-069

Microsoft Security Bulletin MS12-070
Vulnerability in SQL Server Could Allow Elevation of Privilege (2754849)
»technet.microsoft.com/en-us/secu···ms12-070

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.
--
Microsoft® Security MVP, 2004 - 2012
DP's Security Bits



NICK ADSL UK
Premium,MVM
join:2004-02-22
kudos:16
Reviews:
·Zen Internet

1 recommendation

Thanks don

TechNet Webcast: Information About the October 2012 Security Bulletin Release

Event ID: 1032522558

Starts: Wednesday, October 10, 2012 11:00 AM
Time zone: (GMT-08:00) Pacific Time (US & Canada)
Duration: 1 hour(s)


Language(s): English.

Product(s): computer security and information security.

Audience(s): IT Decision Maker, IT Implem_IT Generalist and IT Manager.

Join us for a brief overview of the technical details of this month's Microsoft security bulletins. We intend to address your concerns in this webcast. Therefore, Microsoft security experts devote most of this webcast to answering the questions that you ask.

Presented by:

Dustin Childs, Senior Security Program Manager, Microsoft Security Response Center, Microsoft Corporation

and

Jonathan Ness, Principal Security Development Lead, Microsoft Corporation

Register now for the October security bulletin webcast.
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security


art22gg
Premium
join:2005-02-16
Courtenay, BC
kudos:6

1 recommendation

reply to dp

Thanks dp...



Cartel
Premium
join:2006-09-13
Chilliwack, BC
kudos:2
Reviews:
·TekSavvy DSL
·Shaw
·TELUS
reply to dp

Click for full size
I don't see kb2749655 on your list.

and support link dead
»support.microsoft.com/kb/2749655


MarkAW
Barry White
Premium
join:2001-08-27
Canada
kudos:16

1 edit

1 recommendation

reply to dp

Click for full size
Thanks dp and Nick 14 for my Win7 pro, Win7 Home Prem and my win7 Ultimate.


jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
USA
kudos:24

2 recommendations

reply to dp

Got 6 of 'em for my system. Thank you, guys.



rcdailey
Dragoonfly
Premium
join:2005-03-29
Rialto, CA

1 recommendation

reply to dp

Thanks. Got a total of 7 in Win XP SP3, one of which was the MSRT. No SQL update because no SQL server. No Kerberos, either.
--
It is easier for a camel to put on a bikini than an old man to thread a needle.



FFH
Premium
join:2002-03-03
Tavistock NJ
kudos:5

1 recommendation

reply to dp

15 patches applied to 2 Win 7 Home Premium 32 bit systems. A reboot was needed. All systems working OK so far. Also updated to new release of Adobe Flash and and a new release of Firefox(16.0). Busy day!!


--
»www.gop.com/2012-republican-platform_home/
»www.gop.com/2012-republican-plat···onalism/


Kostadin

@powernet.bg
reply to dp

Hello. What is KB2749655 meant for - It kind of feels awful, when I am not able to see any description?!



FFH
Premium
join:2002-03-03
Tavistock NJ
kudos:5

said by Kostadin :

Hello. What is KB2749655 meant for - It kind of feels awful, when I am not able to see any description?!

Has to do with MS signed security certificates.
»technet.microsoft.com/en-us/secu···/2749655
--
»www.gop.com/2012-republican-platform_home/
»www.gop.com/2012-republican-plat···onalism/


ltsnow
Premium
join:2006-04-08
Valdosta, GA
kudos:1
reply to dp

Only got 4 for XP Pro SP3 not counting MSRT, which I don't use.



siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico

2 recommendations

reply to dp

Merci, dp See Profile

• One for Office:

»support.microsoft.com/kb/2687483

• The remainder:

»technet.microsoft.com/en-us/secu···ms12-054
»technet.microsoft.com/en-us/secu···ms12-068
»technet.microsoft.com/en-us/secu···ms12-055
»technet.microsoft.com/en-us/secu···ms12-069
»support.microsoft.com/kb/2647753
»technet.microsoft.com/en-us/secu···/2661254
»support.microsoft.com/kb/2729094
»support.microsoft.com/kb/2731771
»support.microsoft.com/kb/2732059
»support.microsoft.com/kb/2732487
»support.microsoft.com/kb/2732500
»support.microsoft.com/kb/2739159
»support.microsoft.com/kb/2749655
»support.microsoft.com/kb/2756822
»support.microsoft.com/?kbid=890830


brianiscool

join:2000-08-16
Tampa, FL
kudos:1
reply to dp

I will download these updates when I get home.



NICK ADSL UK
Premium,MVM
join:2004-02-22
kudos:16
Reviews:
·Zen Internet

2 recommendations

reply to dp

just to recap in case anyone has missed out on these updates

Last 5 Published or Updated Security Advisories:

Microsoft Security Advisory (2749655)
Compatibility Issues Affecting Signed Microsoft Binaries
Published or Last Updated: Tuesday, October 09, 2012
»technet.microsoft.com/en-us/secu···/2749655

Microsoft Security Advisory (2737111)
Vulnerabilities in Microsoft Exchange and FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution
Published or Last Updated: Tuesday, October 09, 2012
»technet.microsoft.com/en-us/secu···/2737111

Microsoft Security Advisory (2661254)
Update For Minimum Certificate Key Length
Published or Last Updated: Tuesday, October 09, 2012
»technet.microsoft.com/en-us/secu···/2661254

Microsoft Security Advisory (2755801)
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10
Published or Last Updated: Monday, October 08, 2012
»technet.microsoft.com/en-us/secu···/2755801

Microsoft Security Advisory (2757760)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
Published or Last Updated: Friday, September 21, 2012
»technet.microsoft.com/en-us/secu···/2757760
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security



norwegian
Premium
join:2005-02-15
Outback

1 recommendation

reply to dp

Click for full size
Thank you.

18 for my Win 7 x64, Office 2007

Jrb2
Premium
join:2001-08-31
kudos:3

2 recommendations

reply to dp

Thanks Don, Nick and Silj!

I got 5 on my XP-home SP3.

2661254 - Update For Minimum Certificate Key Length
2756822 - time-zone
890830 - Malicious Software Removal Tool
2749655 - Compatibility Issues Affecting Signed Microsoft Binaries
2724197 - MS12-068



NICK ADSL UK
Premium,MVM
join:2004-02-22
kudos:16
Reviews:
·Zen Internet
reply to dp

Microsoft® Windows® Malicious Software Removal Tool (KB890830)

This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found. Microsoft will release an updated version of this tool on the second Tuesday of each month.

Quick details
Version: 4.13 Date published: 10/9/2012
Change language:
KB articles: KB890830
File name Size
Windows-KB890830-V4.13.exe 16.2 MB

New anti-malware additions

We have added detection and cleaning capabilities for the following malware:

Nitol
»www.microsoft.com/security/porta···%2fNitol

OneScan
»www.microsoft.com/security/porta···fOneScan
--
Wilders Security Forum Admin
Microsoft MVP - Consumer Security



siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17

You can run MSRT via WU every patch Tuesday or download and run via the MS Download Center

I like to keep a copy on a flash drive.

Just some thoughts.



rcdailey
Dragoonfly
Premium
join:2005-03-29
Rialto, CA
reply to ltsnow

I observed the exact same count on a digital x-ray system running XP Pro SP3. It probably got exactly the same patches.
--
It is easier for a camel to put on a bikini than an old man to thread a needle.



Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11

1 edit
reply to norwegian

Click for full size
I got 18 patches like you.
I found it odd that one of the patches had a size of 4.9 - 5.0MB.
Something I've never noticed before.
EDIT: Windows 7 Ultimate SP1 64-bit


La Luna
RIP Lisa
Premium
join:2001-07-12
Warwick, NY
kudos:3
reply to dp

17 patches here, including an MSE update, one for Word and one for Office. Windows 7 Home Premium 64 bit.



StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2

1 recommendation

reply to siljaline

said by siljaline:

You can run MSRT via WU every patch Tuesday...

That's what I do.
--
Don't feed trolls--it only makes them grow!


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17

Moi, aussi.



norwegian
Premium
join:2005-02-15
Outback
reply to Dustyn

Ah...cool; then nothing to get me paranoid about with old updates turning up like last month.

I'm normal for a brief second.
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke