Microsoft Releases December 2012 Patch Tuesday Updates

Microsoft has released its December 2012 Patch Tuesday updates. The year-end release has seven security bulletins that fix vulnerabilities in various Microsoft products. Of the seven bulletins, five are rated critical, which is the maximum severity rating used by Microsoft. The remaining two bulletins are rated important on the severity rating scale. Together, this month’s seven bulletins address 12 vulnerabilities in Microsoft Windows, Microsoft Office and Windows Server.

Windows RT will also receive two updates (KB2753842, KB2779030), both rated “critical” on the severity scale. The updates for Windows RT bring improvements to Microsoft Surface, including increased WiFi reliability and improved connectivity. Performance improvements include support for access point names that use non-standard ASCII characters. The update also reduces scenarios that resulted in limited WiFi connectivity.

Deployment of December 2012 Patch Tuesday Bulletins

Microsoft recommends deploying the MS12-077 and MS12-079 security bulletins, which fix vulnerabilities in Internet Explorer and Microsoft Word, before the other bulletins on affected systems.

“You’ll notice there is no severity rating for IE versions prior to IE 9. On these versions, the update is a defense-in-depth change only. Although there are no known attack vectors for these versions, we still recommend that our customers using these versions apply the update,” Microsoft said.

Microsoft suggested that its customers perform their own prioritization assessment, as each environment is different. The Redmond-based software giant recommends deploying all the security bulletins as soon as possible.

You can refer to the bulletin deployment priority guide released by Microsoft to understand which bulletins you should deploy on affected computer systems.

[Image: bulletin deployment priority guide, Patch Tuesday December 2012]

According to the guide above, Microsoft suggests deploying bulletins in the following order.

  • MS12-077 – All versions of Internet Explorer are affected
  • MS12-079 – Microsoft Office Word 2007 and 2010 customers need to install Compatibility Pack KB2760416 to be protected from the vulnerability
  • MS12-081 – Windows 8, Windows RT and Server 2012 are not affected
  • MS12-078 – Windows 8, Server 2012 and Windows RT are affected
  • MS12-080 – Protects Microsoft Exchange customers from the vulnerability
  • MS12-082 – Windows RT is not affected
  • MS12-083 – Security bypass on Server 2008 and 2012.

[Image: severity ratings, December 2012]

MS12-077: Cumulative Security Update for Internet Explorer (2761465)

This security update resolves three privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS12-078: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2783534)

This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a malicious webpage that embeds TrueType or OpenType font files. An attacker would have to convince users to visit the website, typically by getting them to click a link in an email message that takes them to the attacker’s website.

MS12-079: Vulnerability in Microsoft Word Could Allow Remote Code Execution (2780642)

This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Office software, or previews or opens a specially crafted RTF email message in Outlook while using Microsoft Word as the email viewer. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS12-080: Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2784126)

This security update resolves publicly disclosed vulnerabilities and one privately reported vulnerability in Microsoft Exchange Server. The most severe vulnerabilities are in Microsoft Exchange Server WebReady Document Viewing and could allow remote code execution in the security context of the transcoding service on the Exchange server if a user previews a specially crafted file using Outlook Web App (OWA). The transcoding service in Exchange that is used for WebReady Document Viewing is running in the LocalService account. The LocalService account has minimum privileges on the local computer and presents anonymous credentials on the network.

MS12-081: Vulnerability in Windows File Handling Component Could Allow Remote Code Execution (2758857)

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user browses to a folder that contains a file or subfolder with a specially crafted name. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS12-082: Vulnerability in DirectPlay Could Allow Remote Code Execution (2770660)

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker convinces a user to view a specially crafted Office document with embedded content. An attacker who successfully exploits this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MS12-083: Vulnerability in IP-HTTPS Component Could Allow Security Feature Bypass (2765809)

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker presents a revoked certificate to an IP-HTTPS server commonly used in Microsoft DirectAccess deployments. To exploit the vulnerability, an attacker must use a certificate issued from the domain for IP-HTTPS server authentication. Logging on to a system inside the organization would still require system or domain credentials.

How to apply the December 2012 Patch Tuesday updates to your Windows system?

As always, all these Patch Tuesday updates are delivered via the built-in Windows Update tool. Administrators who want to deploy the patches to multiple computers can also download the fixes manually from the Microsoft Download Center. The December 2012 Security Release ISO image, which includes all the security bulletins released by Microsoft, is also available for download from the Download Center.

Source: Security TechCenter
