Cisco Event Response: Microsoft Security Bulletin Release for February 2012

February 14, 2012

Microsoft published its monthly security bulletin release on February 14, 2012. Microsoft released nine bulletins that addressed 21 vulnerabilities. The bulletins address vulnerabilities in Microsoft Windows operating systems, Microsoft Visio Viewer, Microsoft Internet Explorer, and Microsoft Sharepoint. The vulnerabilities could allow an attacker to conduct cross-site scripting attacks, gain access to sensitive information, or execute code on a targeted system.

Description: SIO globe art

Cisco Security
Intelligence Operations

Event Intelligence

The following table identifies Cisco Security Intelligence Operations content and Cisco mitigation information that is associated with this Microsoft release:

Microsoft Security Bulletin	Cisco IntelliShield Alert	CVE ID	Cisco Mitigations	CVSS Base Score
Microsoft Security Bulletin MS12-008 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution	Microsoft Windows win32k.sys Kernel Mode Driver Privilege Escalation Vulnerability	CVE-2012-0154	–	6. 8
	Microsoft Windows 7 win32k.sys Arbitrary Code Execution Vulnerability	CVE-2011-5046	Cisco IPS Signature 41806-0, Cisco Security Manager	9.3
Microsoft Security Bulletin MS12-009 Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege	Microsoft Windows Ancillary Function Driver Privilege Escalation Vulnerability	CVE-2012-0148	–	6.8
	Microsoft Windows Kernel Ancillary Function Driver Privilege Escalation Vulnerability	CVE-2012-0149	–	6.8
Microsoft Security Bulletin MS12-010 Cumulative Security Update for Internet Explorer	Microsoft Internet Explorer Copy and Paste Cross-Domain Information Disclosure Vulnerability	CVE-2012-0010	–	2.6
	Microsoft Internet Explorer HTML Object Processing Arbitrary Code Execution Vulnerability	CVE-2012-0011	Cisco IPS Signature 41847-0, Cisco Security Manager	9.3
	Microsoft Internet Explorer NULL Byte Processing Memory Exposure Vulnerability	CVE-2012-0012	Cisco IPS Signature 41866-0, Cisco Security Manager	4.3
	Microsoft Internet Explorer VML Content Processing Arbitrary Code Execution Vulnerability	CVE-2012-0155	Cisco IPS Signature 41866-0, Cisco Security Manager	9.3
Microsoft Security Bulletin MS12-011 Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege	Microsoft SharePoint Server inplview.aspx Cross-Site Scripting Vulnerability	CVE-2012-0017	Cisco IPS Signature 41846-0, Cisco Security Manager	4.3
	Microsoft SharePoint Server themeweb.aspx Cross-Site Scripting Vulnerability	CVE-2012-0144	Cisco IPS Signature 41946-1, Cisco Security Manager	4.3
	Microsoft SharePoint Server wizardlist.aspx Cross-Site Scripting Vulnerability	CVE-2012-0145	Cisco IPS Signature 41846-0, Cisco Security Manager	4.3
Microsoft Security Bulletin MS12-012 Vulnerability in Color Control Panel Could Allow Remote Code Execution	Microsoft Windows Server 2008 Color Control Panel Insecure DLL Loading Vulnerability	CVE-2010-5082	Cisco IOS tACL, Cisco IOS NetFlow, Cisco ASA/ASASM/FWSM, Cisco ACE, Cisco IPS Signature 31419-0, Cisco Security Manager	9.3
Microsoft Security Bulletin MS12-013 Vulnerability in C Run-Time Library Could Allow Remote Code Execution	Microsoft Internet Explorer Copy and Paste Cross-Domain Information Disclosure Vulnerability	CVE-2012-0150	Cisco IPS Signature 41906-0, Cisco Security Manager	9.3
Microsoft Security Bulletin MS12-014 Vulnerability in Indeo Codec Could Allow Remote Code Execution	Microsoft Windows Indeo Codec Insecure Library Loading Vulnerability	CVE-2010-3138	Cisco IOS tACL, Cisco IOS NetFlow, Cisco ASA/ASASM/FWSM, Cisco ACE,Cisco IPS Signature 31419-0, Cisco Security Manager	9.3
Microsoft Security Bulletin MS12-015 Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution	Microsoft Visio Viewer File Validation Arbitrary Code Execution Vulnerability	CVE-2012-0019	–	9.3
	Microsoft Visio Viewer File Handling Memory Corruption Vulnerability	CVE-2012-0020	–	9.3
	Microsoft Visio Viewer File Processing Memory Corruption Vulnerability	CVE-2012-0136	–	9.3
	Microsoft Visio Viewer File Handling Arbitrary Code Execution Vulnerability	CVE-2012-0137	–	9.3
	Microsoft Visio Viewer File Processing Arbitrary Code Execution Vulnerability	CVE-2012-0138	–	9.3
Microsoft Security Bulletin MS12-016 Vulnerabilities in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution	Microsoft .NET Framework and Silverlight Unmanaged Object Access Arbitrary Code Execution Vulnerability	CVE-2012-0014	Cisco ASA/ASASM/FWSM, Cisco ACE, Cisco IPS Signature 41766-0, Cisco Security Manager	9.3
	Microsoft .NET Framework Heap Corruption Arbitrary Code Execution Vulnerability	CVE-2012-0015	Cisco ASA/ASASM/FWSM, Cisco ACE, Cisco IPS Signature 41786-0, Cisco Security Manager	9.3

Cisco Security Intelligence Operations

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. Cisco IOS access control lists; Cisco Intrusion Prevention System (IPS) signatures; Cisco IOS NetFlow; and Cisco ACE Application Control Engine are discussed in this bulletin.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin Release for February 2012

Impact on Cisco Products

Customers should evaluate the Microsoft security bulletins and associated software updates for any potential impacts to Cisco Contact Center products. Please refer to the Cisco Customer Contact Software Policy for Using Microsoft Security Updates on Products Deployed on a Retail Installation of Windows Operating System for additional information.

Cisco IP Telephony Operating System, SQL Server, Security Updates
This document contains information on software updates for tracking Cisco-supported operating system, SQL Server, and security files that are available for web download. These updates support all versions of Cisco Unified CallManager, Cisco Conference Connection, Cisco Personal Assistant, Cisco IP Interactive Voice Response, and Cisco IP Call Center Express, Cisco Emergency Responder, Cisco Customer Voice Portal, and Cisco MeetingPlace. This document does not support Cisco Unity or servers where Cisco Unity is installed.

Recommended Microsoft Hot Fixes for Cisco Media Experience 3000
These documents evaluate the monthly Microsoft security bulletins for applicability to the Cisco Media Experience Engine (MXE) 3000 product line. The bulletins clarify which Microsoft Security Bulletins should be applied to affected hardware and software levels of Cisco MXE 3000 products.

Return to Cisco Security Intelligence Operations

Cisco Event Response: Microsoft Security Bulletin Release for February 2012

Information For

Industries

Contacts

News & Alerts

Technology Trends

Support

Communities

Video Portal

About Cisco

Programs