Microsoft Security Bulletin(s) for October 9 2012

Microsoft Security Bulletin(s) for October 9 2012
Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
http://technet.microsoft.com/en-us/security/bulletin/ms12-oct



Critical (1)
Microsoft Security Bulletin MS12-064
Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319)
http://technet.microsoft.com/en-us/security/bulletin/ms12-064


Important (6)
Microsoft Security Bulletin MS12-065
Vulnerability in Microsoft Works Could Allow Remote Code Execution (2754670)
http://technet.microsoft.com/en-us/security/bulletin/ms12-065


Microsoft Security Bulletin MS12-066
Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2741517)
http://technet.microsoft.com/en-us/security/bulletin/ms12-066

Microsoft Security Bulletin MS12-067
Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution (2742321)
http://technet.microsoft.com/en-us/security/bulletin/ms12-067

Microsoft Security Bulletin MS12-068
Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2724197)
http://technet.microsoft.com/en-us/security/bulletin/ms12-068

Microsoft Security Bulletin MS12-069
Vulnerability in Kerberos Could Allow Denial of Service (2743555)
http://technet.microsoft.com/en-us/security/bulletin/ms12-069

Microsoft Security Bulletin MS12-070
Vulnerability in SQL Server Could Allow Elevation of Privilege (2754849)
http://technet.microsoft.com/en-us/security/bulletin/ms12-070



Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

 

Microsoft Security Bulletin Re-Releases - Oct. 9, 2012
Summary

The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS12-043 - Critical
* MS12-053 - Critical
* MS12-054 - Critical
* MS12-055 - Important
* MS12-058 - Critical
* MS12-JUL
* MS12-AUG

Bulletin Information:

* MS12-043 - Critical
http://technet.microsoft.com/security/bulletin/MS12-043

- Reason for Revision: V3.0 (October 9, 2012): Added Microsoft
XML Core Services 4.0 when installed on supported editions of
Windows 8 and Windows Server 2012 to affected software and
announced a corresponding detection change for the KB2721691
update package. Customers who have installed Microsoft XML
Core Services 4.0 on systems running Windows 8 or Windows
Server 2012 need to install the KB2721691 update to be
protected from the vulnerability described in this bulletin.
See the update FAQ for details.
- Originally posted: July 10, 2012
- Updated: October 9, 2012
- Bulletin Severity Rating: Critical
- Version: 3.0

* MS12-053 - Critical
http://technet.microsoft.com/security/bulletin/MS12-053

- Reason for Revision: V2.0 (October 9, 2012): Revised bulletin
to offer the rerelease of the KB723135 update for Windows XP.
Customers need to apply the rereleased update packages to
avoid an issue with digital certificates described in
Microsoft Security Advisory 2749655.
- Originally posted: August 14, 2012
- Updated: October 9, 2012
- Bulletin Severity Rating: Critical
- Version: 2.0

* MS12-054 - Critical
http://technet.microsoft.com/security/bulletin/MS12-054

- Reason for Revision: V2.0 (October 9, 2012): Revised
bulletin to offer the rerelease of the KB2705219 update
for Windows XP, Windows Server 2003, Windows Vista, Windows
Server 2008, Windows 7, and Windows Server 2008 R2. Customers
need to apply the rereleased update packages to avoid an issue
with digital certificates described in Microsoft Security
Advisory 2749655.
- Originally posted: August 14, 2012
- Updated: October 9, 2012
- Bulletin Severity Rating: Critical
- Version: 2.0

* MS12-055 - Important
http://technet.microsoft.com/security/bulletin/MS12-055

- Reason for Revision: V2.0 (October 9, 2012): Revised
bulletin to offer the rerelease of the KB2731847 update
for Windows XP, Windows Server 2003, Windows Vista, Windows
Server 2008, Windows 7, and Windows Server 2008 R2. Customers
need to apply the rereleased update packages to avoid an
issue with digital certificates described in Microsoft
Security Advisory 2749655.
- Originally posted: August 14, 2012
- Updated: October 9, 2012
- Bulletin Severity Rating: Important
- Version: 2.0

* MS12-058 - Critical
http://technet.microsoft.com/security/bulletin/MS12-058

- Reason for Revision: V2.0 (October 9, 2012): Revised bulletin
to offer the rerelease of updates for Microsoft Exchange Server
2007 Service Pack 3 (KB2756496), Microsoft Exchange Server 2010
Service Pack 1 (KB2756497), and Microsoft Exchange Server 2010
Service Pack 2 (KB2756485). Customers need to apply the
rereleased updates to avoid an issue with digital certificates
described in Microsoft Security Advisory 2749655.
- Originally posted: August 14, 2012
- Updated: October 9, 2012
- Bulletin Severity Rating: Critical
- Version: 2.0

* MS12-JUL
http://technet.microsoft.com/en-us/security/bulletin/ms12-043

- Reason for Revision: V3.0 (October 9, 2012): For MS12-043,
added Microsoft XML Core Services 4.0 when installed on
supported editions of Windows 8 and Windows Server 2012
to affected software. See the MS12-043 bulletin for details.
- Originally posted: July 10, 2012
- Updated: October 9, 2012
- Version: 3.0

* MS12-AUG
http://technet.microsoft.com/security/bulletin/ms12-JUL

- Reason for Revision: V2.0 (October 9, 2012): Bulletin
Summary revised to coincide with the rerelease of update
packages in MS12-053, MS12-054, MS12-055, and MS12-058.
Customers need to apply the rereleased update packages
to avoid an issue with digital certificates described in
Microsoft Security Advisory 2749655. See the bulletins
for more information.
- Updated: October 9, 2012
- Version: 3.0