Cisco Event Response: Microsoft Security Bulletin Release for February 2012

February 14, 2012

Microsoft published its monthly security bulletin release on February 14, 2012. Microsoft released nine bulletins that addressed 21 vulnerabilities. The bulletins address vulnerabilities in Microsoft Windows operating systems, Microsoft Visio Viewer, Microsoft Internet Explorer, and Microsoft Sharepoint. The vulnerabilities could allow an attacker to conduct cross-site scripting attacks, gain access to sensitive information, or execute code on a targeted system.

 


Event Intelligence

The following table identifies Cisco Security Intelligence Operations content and Cisco mitigation information that is associated with this Microsoft release:

Microsoft Security Bulletin

Cisco IntelliShield Alert

CVE ID
Description: Search CVEs

Cisco Mitigations

CVSS
Base Score
Description: CVSS Q&A

Microsoft Security Bulletin MS12-008

Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution

Microsoft Windows win32k.sys Kernel Mode Driver Privilege Escalation Vulnerability

CVE-2012-0154

6. 8

Microsoft Windows 7 win32k.sys Arbitrary Code Execution Vulnerability

CVE-2011-5046

Cisco IPS Signature 41806-0, Cisco Security Manager

9.3

Microsoft Security Bulletin MS12-009

Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege

Microsoft Windows Ancillary Function Driver Privilege Escalation Vulnerability

CVE-2012-0148

6.8

Microsoft Windows Kernel Ancillary Function Driver Privilege Escalation Vulnerability

CVE-2012-0149

6.8

Microsoft Security Bulletin MS12-010

Cumulative Security Update for Internet Explorer

Microsoft Internet Explorer Copy and Paste Cross-Domain Information Disclosure Vulnerability

CVE-2012-0010

2.6

Microsoft Internet Explorer HTML Object Processing Arbitrary Code Execution Vulnerability

CVE-2012-0011

Cisco IPS Signature 41847-0, Cisco Security Manager

9.3

Microsoft Internet Explorer NULL Byte Processing Memory Exposure Vulnerability

CVE-2012-0012

Cisco IPS Signature 41866-0, Cisco Security Manager

4.3

Microsoft Internet Explorer VML Content Processing Arbitrary Code Execution Vulnerability

CVE-2012-0155

Cisco IPS Signature 41866-0, Cisco Security Manager

9.3

Microsoft Security Bulletin MS12-011

Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege

Microsoft SharePoint Server inplview.aspx Cross-Site Scripting Vulnerability

CVE-2012-0017

Cisco IPS Signature 41846-0, Cisco Security Manager

4.3

Microsoft SharePoint Server themeweb.aspx Cross-Site Scripting Vulnerability

CVE-2012-0144

Cisco IPS Signature 41946-1, Cisco Security Manager

4.3

Microsoft SharePoint Server wizardlist.aspx Cross-Site Scripting Vulnerability

CVE-2012-0145

Cisco IPS Signature 41846-0, Cisco Security Manager

4.3

Microsoft Security Bulletin MS12-012

Vulnerability in Color Control Panel Could Allow Remote Code Execution

Microsoft Windows Server 2008 Color Control Panel Insecure DLL Loading Vulnerability

CVE-2010-5082

Cisco IOS tACL, Cisco IOS NetFlow, Cisco ASA/ASASM/FWSM, Cisco ACE, Cisco IPS Signature 31419-0, Cisco Security Manager

9.3

Microsoft Security Bulletin MS12-013

Vulnerability in C Run-Time Library Could Allow Remote Code Execution

Microsoft Internet Explorer Copy and Paste Cross-Domain Information Disclosure Vulnerability

CVE-2012-0150

Cisco IPS Signature 41906-0, Cisco Security Manager

9.3

Microsoft Security Bulletin MS12-014

Vulnerability in Indeo Codec Could Allow Remote Code Execution

Microsoft Windows Indeo Codec Insecure Library Loading Vulnerability

CVE-2010-3138

Cisco IOS tACL, Cisco IOS NetFlow, Cisco ASA/ASASM/FWSM, Cisco ACE,Cisco IPS Signature 31419-0, Cisco Security Manager

9.3

Microsoft Security Bulletin MS12-015

Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution

Microsoft Visio Viewer File Validation Arbitrary Code Execution Vulnerability

CVE-2012-0019

9.3

Microsoft Visio Viewer File Handling Memory Corruption Vulnerability

CVE-2012-0020

9.3

Microsoft Visio Viewer File Processing Memory Corruption Vulnerability

CVE-2012-0136

9.3

Microsoft Visio Viewer File Handling Arbitrary Code Execution Vulnerability

CVE-2012-0137

9.3

Microsoft Visio Viewer File Processing Arbitrary Code Execution Vulnerability

CVE-2012-0138

9.3

Microsoft Security Bulletin MS12-016

Vulnerabilities in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution

Microsoft .NET Framework and Silverlight Unmanaged Object Access Arbitrary Code Execution Vulnerability

CVE-2012-0014

Cisco ASA/ASASM/FWSM, Cisco ACE, Cisco IPS Signature 41766-0, Cisco Security Manager

9.3

Microsoft .NET Framework Heap Corruption Arbitrary Code Execution Vulnerability

CVE-2012-0015

Cisco ASA/ASASM/FWSM, Cisco ACE, Cisco IPS Signature 41786-0, Cisco Security Manager

9.3

         

Cisco Security Intelligence Operations

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. Cisco IOS access control lists; Cisco Intrusion Prevention System (IPS) signatures; Cisco IOS NetFlow; and Cisco ACE Application Control Engine are discussed in this bulletin.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin Release for February 2012

Impact on Cisco Products

Customers should evaluate the Microsoft security bulletins and associated software updates for any potential impacts to Cisco Contact Center products. Please refer to the Cisco Customer Contact Software Policy for Using Microsoft Security Updates on Products Deployed on a Retail Installation of Windows Operating System for additional information.

Cisco IP Telephony Operating System, SQL Server, Security Updates
This document contains information on software updates for tracking Cisco-supported operating system, SQL Server, and security files that are available for web download. These updates support all versions of Cisco Unified CallManager, Cisco Conference Connection, Cisco Personal Assistant, Cisco IP Interactive Voice Response, and Cisco IP Call Center Express, Cisco Emergency Responder, Cisco Customer Voice Portal, and Cisco MeetingPlace. This document does not support Cisco Unity or servers where Cisco Unity is installed.

Recommended Microsoft Hot Fixes for Cisco Media Experience 3000
These documents evaluate the monthly Microsoft security bulletins for applicability to the Cisco Media Experience Engine (MXE) 3000 product line. The bulletins clarify which Microsoft Security Bulletins should be applied to affected hardware and software levels of Cisco MXE 3000 products.

Description: http://www.cisco.com/swa/i/spacer.gif