Microsoft Security Bulletin for January 10 2012

Microsoft Security Bulletin for January 10 2012

Microsoft Security Bulletin Summary for January 13 2012
Published: January 10 2011

Note: There may be latency issues due to replication, if the page does not display keep refreshing


Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the Microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.


Today Microsoft released the following Security Bulletin(s).

Bulletin Summary:
http://technet.microsoft.com/en-us/security/bulletin/ms12-jan

Critical (1)


Microsoft Security Bulletin MS12-004 - Critical

Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391)

Published: Tuesday, January 10, 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-004


Important (6)


Microsoft Security Bulletin MS12-001 - Important

Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615)

Published: Tuesday, January 10, 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-001



Microsoft Security Bulletin MS12-002 - Important

Vulnerability in Windows Object Packager Could Allow Remote Code Execution (2603381)

Published: Tuesday, January 10, 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-002


Microsoft Security Bulletin MS12-003 - Important

Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2646524)
http://technet.microsoft.com/en-us/security/bulletin/ms12-003



Microsoft Security Bulletin MS12-005 - Important

Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2584146)

Published: Tuesday, January 10, 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-005



Microsoft Security Bulletin MS12-006 - Important

Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)

Published: Tuesday, January 10, 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-006



Microsoft Security Bulletin MS12-007 - Important

Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664)

Published: Tuesday, January 10, 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-007

Moderate (0)




Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

 

MS12-006: Vulnerability in SSL/TLS could allow information disclosure: January 10, 2012

Known issues with this security update

After you install this security update, you may experience authentication failure or loss of connectivity to some HTTPS servers.
This issue occurs because this security update changes the way that records are sent to HTTPS server.
http://support.microsoft.com/kb/2643584