Event Intelligence

The following table identifies Cisco Security Intelligence Operations content and Cisco mitigation information that is associated with this Microsoft release:

Microsoft Security Bulletin	Cisco IntelliShield Alert	CVE ID	Cisco Mitigations	CVSS Base Score
Microsoft Security Bulletin MS12-023 Cumulative Security Update for Internet Explorer	Microsoft Internet Explorer Print Table of Links Arbitrary Code Execution Vulnerability	CVE-2012-0168	–	9.3
	Microsoft Internet Explorer JScript9 Remote Code Execution Vulnerability	CVE-2012-0169	–	9.3
	Microsoft Internet Explorer OnReadyStateChange Remote Code Execution Vulnerability	CVE-2012-0170	Cisco Security Manager Cisco IPS Signature 1132-0	9.3
	Microsoft Internet Explorer selectAll Arbitrary Code Execution Vulnerability	CVE-2012-0171	Cisco Security Manager Cisco IPS Signature 1134-0	9.3
	Microsoft Internet Explorer VML Deleted Object Access Arbitrary Code Execution Vulnerability	CVE-2012-0172	Cisco Security Manager Cisco IPS Signature 1129-0	9.3
Microsoft Security Bulletin MS12-024 Vulnerability in Windows Could Allow Remote Code Execution	Microsoft Windows WinVerifyTrust Signature Validation Remote Code Execution Vulnerability	CVE-2012-0151	Cisco Security Manager Cisco IPS Signature 1130-0	9.3
Microsoft Security Bulletin MS12-025 Vulnerability in .NET Framework Could Allow Remote Code Execution	Microsoft .NET Framework Parameter Validation Arbitrary Code Execution Vulnerability	CVE-2012-0163	Cisco Security Manager Cisco IPS Signature 1135-0	9.3
Microsoft Security Bulletin MS12-026 Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure	Microsoft Unified Access Gateway Blind HTTP Redirect Vulnerability	CVE-2012-0146	–	4.3
	Microsoft Software Unfiltered Access to UAG Default Website Information Disclosure Vulnerability	CVE-2012-0147	–	4.3
Microsoft Security Bulletin MS12-027 Vulnerability in Windows Common Controls Could Allow Remote Code Execution	Microsoft MSCOMCTL.OCX ActiveX Control Remote Code Execution Vulnerability	CVE-2012-0158	Cisco IOS NetFlow Cisco ASA/ASASM/FWSM Cisco ACE Cisco Security Manager Cisco IPS Signature 1131-0	9.3
Microsoft Security Bulletin MS12-028 Vulnerability in Microsoft Office Could Allow Remote Code Execution	Microsoft Office Works WPS Converter Arbitrary Code Execution Vulnerability	CVE-2012-0177	Cisco Security Manager Cisco IPS Signature 1136-0	9.3

Cisco Security Intelligence Operations

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. Cisco Intrusion Prevention System (IPS) signatures, Cisco IOS NetFlow, Cisco ACE Application Control Engine and Module, Cisco Security Manager, and firewall inspection are discussed in this bulletin.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin Release for April 2012

Cisco Security Manager helps enable enterprises to manage and scale security operations efficiently and accurately. Its end-to-end tools provide consistent policy enforcement, quick troubleshooting of security events, and summarized reports from across the security deployment.

Cisco NAC Appliance (formerly Cisco Clean Access) uses your organization's network infrastructure to enforce security policy compliance on all devices that attempt to gain access.

Cisco Identity Services Engine gathers information from users, devices, infrastructure, and network services to enable organizations to enforce contextual-based business policies across the network. It provides network visibility for advanced discovery and troubleshooting and combines authentication, authorization, and accounting (AAA), posture, profiling, and guest management.

Impact on Cisco Products

Customers should evaluate the Microsoft security bulletins and associated software updates for any potential impacts to Cisco Contact Center products. Please refer to the Cisco Customer Contact Software Policy for Using Microsoft Security Updates on Products Deployed on a Retail Installation of Windows Operating System for additional information.

Cisco IP Telephony Operating System, SQL Server, Security Updates
This document contains information on software updates for tracking Cisco-supported operating system, SQL Server, and security files that are available for web download. These updates support all versions of Cisco Unified CallManager, Cisco Conference Connection, Cisco Personal Assistant, Cisco IP Interactive Voice Response, and Cisco IP Call Center Express, Cisco Emergency Responder, Cisco Customer Voice Portal, and Cisco MeetingPlace. This document does not support Cisco Unity or servers where Cisco Unity is installed.

Recommended Microsoft Hot Fixes for Cisco Media Experience 3000
These documents evaluate the monthly Microsoft security bulletins for applicability to the Cisco Media Experience Engine (MXE) 3000 product line. The bulletins clarify which Microsoft Security Bulletins should be applied to affected hardware and software levels of Cisco MXE 3000 products.

Related Links

Cisco ACE 4710 Application Control Engine
Cisco ASA 5500 Adaptive Security Appliances
Cisco Firewall Solutions
Cisco Intrusion Prevention System
Cisco IOS IPS
Cisco IOS NetFlow
Cisco IronPort Web Security Appliances
Cisco NAC Appliance
Cisco Services for IPS
Cisco Identity Services Engine
Cisco Security Manager
Cisco Security IntelliShield Alert Manager Service
Cisco IPS Signature Downloads
Cisco IPS Signature Search Page
Cisco Applied Mitigation Bulletins

Return to Cisco Security Intelligence Operations