Thursday 16 February 2012

Patch Tuesday: February 2012


With this February Microsoft Patch Tuesday update, we see a set of 9 updates: 4 with the rating of Critical and 5 with the rating of Important. This is a moderately large update from Microsoft, with one notably large payload (MS12-011); however, the potential compatibility impact for these updates is likely to be low.
As part of the Patch Tuesday Security Update analysis performed by the ChangeBASE team, we have seen a small number of potential compatibility issues caused by updates MS12-011, MS12-013 and MS12-015. All identified issues are designated as Amber issues by Quest ChangeBASE, as they would be relatively straightforward to fix with no serious compatibility impact.
Given the nature of the changes and updates included in each of these patches, most systems will require a reboot to successfully implement any and all of the patches and updates released in this February Patch Tuesday release cycle.
Here is a sample of the results for two applications tested for compatibility with these updates:
Top: MS12-013 Vulnerability in C Run-Time Library Could Allow Remote Code Execution
Bottom: MS12-011 Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege
Below these is a sample Summary report for a sample database where the Quest ChangeBASE Patch Impact team has run the latest Microsoft Updates against a small application portfolio:




Testing Summary
  • MS12-008 : Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465)
  • MS12-009 : Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege (2645640)
  • MS12-010 : Cumulative Security Update for Internet Explorer (2647516)
  • MS12-011 : Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2663841)
  • MS12-012 : Vulnerability in Color Control Panel Could Allow Remote Code Execution (2643719)
  • MS12-013 : Vulnerability in C Run-Time Library Could Allow Remote Code Execution (2654428)
  • MS12-014 : Vulnerability in Indeo Codec Could Allow Remote Code Execution (2661637)
  • MS12-015 : Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2663510)
  • MS12-016 : Vulnerabilities in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2651026)


Patch Name | Total Issues | Matches Affected | Reboot | Rating (RAG)
Microsoft Security Bulletin MS12-008 | <1% | <1% | YES | Green
Microsoft Security Bulletin MS12-009 | <1% | <1% | YES | Green
Microsoft Security Bulletin MS12-010 | <1% | <1% | YES | Green
Microsoft Security Bulletin MS12-011 | <1% | <1% | YES | Amber
Microsoft Security Bulletin MS12-012 | <1% | <1% | YES | Green
Microsoft Security Bulletin MS12-013 | <1% | <1% | YES | Amber
Microsoft Security Bulletin MS12-014 | <1% | <1% | YES | Green
Microsoft Security Bulletin MS12-015 | <1% | <1% | YES | Amber
Microsoft Security Bulletin MS12-016 | <1% | <1% | YES | Green

Legend:
No Issue: No Issues Detected
Applications flagged as GREEN have no issues identified against them.
Fixable: Potentially fixable application Impact
An AMBER issue is one that pertains to the installation routine. A packager can change things in the installation routine and so can AOK Workbench. Anywhere an issue is found and a change can be made to the installation routine to get rid of it we will flag it as amber. AOK Workbench fixes almost all of the issues it flags as amber. For the few issues that require a decision to be made, a packager can manually remediate these using the issue data provided by AOK Workbench.
Serious: Serious Compatibility Issue
A RED issue is generally one that pertains to how the code or actual program works. In this case we will flag as Red issues where a package tries to use objects or functions that have been deprecated from the OS or where their use has been restricted. In this case there are no changes that a packager (or AOK Workbench) can make to the install routine to fix the problem. The problem needs to be dealt with at the program code level by the programmer that wrote it or by providing a more up to date driver. However it is reasonably straightforward once a programmer has the information provided by AOK Workbench to make these changes. For vendor MSIs an upgrade may be required.

Security Update Detailed Summary
MS12-008 : Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465)
Description: This security update resolves a privately reported vulnerability and a publicly disclosed vulnerability in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if a user visits a website containing specially crafted content or if a specially crafted application is run locally. An attacker would have no way to force users to visit a malicious website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker's website.
Payload: Win32k.sys, Updspapi.dll, W32ksign.dll
Impact: Critical - Remote Code Execution

MS12-009 : Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege (2645640)
Description: This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerabilities.
Payload: Afd.sys, Updspapi.dll
Impact: Important - Elevation of Privilege

MS12-010 : Cumulative Security Update for Internet Explorer (2647516)
Description: This security update resolves four privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload: No specific files
Impact: Critical - Remote Code Execution

MS12-011 : Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2663841)
Description: This security update resolves three privately reported vulnerabilities in Microsoft SharePoint and Microsoft SharePoint Foundation. These vulnerabilities could allow elevation of privilege or information disclosure if a user clicked a specially crafted URL.
Impact: Important - Elevation of Privilege

MS12-012 : Vulnerability in Color Control Panel Could Allow Remote Code Execution (2643719)
Description: This security update resolves one publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .icm or .icc file) that is located in the same directory as a specially crafted dynamic link library (DLL) file. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload: Colorcpl.exe, Colorui.dll, Icmui.dll
Impact: Important - Remote Code Execution

MS12-013 : Vulnerability in C Run-Time Library Could Allow Remote Code Execution (2654428)
Description: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted media file that is hosted on a website or sent as an email attachment. An attacker who successfully exploited the vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload: Msvcrt.dll
Impact: Critical - Remote Code Execution

MS12-014 : Vulnerability in Indeo Codec Could Allow Remote Code Execution (2661637)
Description: This security update resolves one publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .avi file) that is located in the same directory as a specially crafted dynamic link library (DLL) file. An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload: Iacenc.dll, Updspapi.dll
Impact: Important - Remote Code Execution

MS12-015 : Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2663510)
Description: This security update resolves five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload: Saext.dll, Seqchk10.dll, Vpreview.exe, Vviewdwg.dll, Vviewer.dll
Impact: Important - Remote Code Execution

MS12-016 : Vulnerabilities in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2651026)
Description: This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. The vulnerabilities could allow remote code execution on a client system if a user views a specially crafted web page using a web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload: No specific files affected
Impact: Critical - Remote Code Execution

*All results are based on the Quest ChangeBASE Application Compatibility Lab's test portfolio of over 1,000 applications.
