Cisco Event Response: Microsoft Security Bulletin Release for June 2012

June 12, 2012

Microsoft published its monthly security bulletin release on June 12, 2012. Microsoft released seven bulletins that addressed 26 vulnerabilities. The bulletins address vulnerabilities in Microsoft Windows operating systems, Microsoft Internet Explorer, Microsoft .NET Framework, Microsoft Lync, and Microsoft Dynamics AX. The vulnerabilities could allow an attacker to gain escalated privileges, cause a denial of service condition, conduct cross-site scripting attacks, or execute code on a targeted system.

Description: SIO globe art

Cisco Security
Intelligence Operations

Event Intelligence

The following table identifies Cisco Security Intelligence Operations content and Cisco mitigation information that is associated with this Microsoft release:

Microsoft Security Bulletin	Cisco IntelliShield Alert	CVE ID	Cisco Mitigations	CVSS Base Score
Microsoft Security Bulletin MS12-036 Vulnerability in Remote Desktop Could Allow Remote Code Execution	Microsoft Windows Remote Desktop Protocol Arbitrary Code Execution Vulnerability	CVE-2012-0173	Cisco IOS tACL, Cisco IOS NetFlow, Cisco ASA/ASASM/FWSM, Cisco Security Manager	10.0
Microsoft Security Bulletin MS12-037 Cumulative Security Update for Internet Explorer	Microsoft Internet Explorer center Element Processing Arbitrary Code Execution Vulnerability	CVE-2012-1523	Cisco Security Manager, IPS Sig 1273-0	9.3
	Microsoft Internet Explorer and Lync HTML Sanitization Cross-Site Scripting Vulnerability	CVE-2012-1858	Cisco IOS tACL, Cisco IOS NetFlow, Cisco ASA/ASASM/FWSM, Cisco Security Manager, IPS Sig 1279-0	4.3
	Microsoft Internet Explorer EUC-JP Character Handling Cross-Site Scripting Vulnerability	CVE-2012-1872	–	4.3
	Microsoft Internet Explorer NULL Byte Character Handling Information Disclosure Vulnerability	CVE-2012-1873	Cisco Security Manager, IPS Sig 1265-0	4.3
	Microsoft Internet Explorer Developer Toolbar Arbitrary Code Execution Vulnerability	CVE-2012-1874	Cisco Security Manager, IPS Sig 1272-0	9.3
	Microsoft Internet Explorer Property ID Processing Memory Corruption Vulnerability	CVE-2012-1875	Cisco Security Manager, IPS Sig 1258-0, IPS Sig 1258-1	9.3
	Microsoft Internet Explorer colspan Element Processing Arbitrary Code Execution Vulnerability	CVE-2012-1876	Cisco Security Manager, IPS Sig 1277-0, IPS Sig 1277-1	9.3
	Microsoft Internet Explorer Title Element Processing Arbitrary Code Execution Vulnerability	CVE-2012-1877	Cisco Security Manager, IPS Sig 1270-0	9.3
	Microsoft Internet Explorer OnBeforeActivate Event Handling Arbitrary Code Execution Vulnerability	CVE-2012-1878	Cisco Security Manager, IPS Sig 1276-0, IPS Sig 1276-1	9.3
	Microsoft Internet Explorer insertAdjacentText Method Processing Arbitrary Code Execution Vulnerability	CVE-2012-1879	Cisco Security Manager, IPS Sig 1271-0	9.3
	Microsoft Internet Explorer insertRow Method Processing Arbitrary Code Execution Vulnerability	CVE-2012-1880	Cisco Security Manager, IPS Sig 1268-0	9.3
	Microsoft Internet Explorer OnRowsInserted Event Handling Memory Corruption Vulnerability	CVE-2012-1881	Cisco Security Manager, IPS Sig 1261-0	9.3
	Microsoft Internet Explorer Scrolling Events Handling Information Disclosure Vulnerability	CVE-2012-1882	–	4.3
Microsoft Security Bulletin MS12-038 Vulnerability in .NET Framework Could Allow Remote Code Execution	Microsoft .NET Framework Clipboard Improper Memory Access Arbitrary Code Execution Vulnerability	CVE-2012-1855	Cisco ASA/ASASM/FWSM, Cisco Security Manager, IPS Sig 1274-0	9.3
Microsoft Security Bulletin MS12-039 Vulnerabilities in Lync Could Allow Remote Code Execution	Microsoft Windows, Office, Silverlight, and Lync TrueType Font Parsing Remote Code Execution Vulnerability	CVE-2012-3402	–	9.3
	Microsoft Windows, Office, Silverlight, and Lync TrueType Font Processing Vulnerability	CVE-2012-0159	–	9.3
	Microsoft Lync Insecure Library Loading Vulnerability	CVE-2012-1849	Cisco IOS tACL, Cisco IOS NetFlow, Cisco ASA/ASASM/FWSM, Cisco Security Manager, IPS Sig 31419/0	9.3
Microsoft Security Bulletin MS12-040 Vulnerability in Microsoft Dynamics AX Enterprise Portal Could Allow Elevation of Privilege	Microsoft Dynamic AX Enterprise Portal Cross-Site Scripting Vulnerability	CVE-2012-1857	Cisco Security Manager, IPS Sig 1275-0	4.3
Microsoft Security Bulletin MS12-041 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege	Microsoft Windows Win32k Kernel Driver String Atom Class Name Handling Vulnerability	CVE-2012-1864	–	6.8
	Microsoft Windows win32k.sys Kernel Driver String Atom Class Vulnerability	CVE-2012-1865	–	6.8
	Microsoft Windows Win32k Kernel Driver Clipboard Format Atom Name Handling Vulnerability	CVE-2012-1866	–	6.8
	Microsoft Windows Win32k Kernel Driver Font Resource Refcount Integer Overflow Vulnerability	CVE-2012-1867	–	6.8
	Microsoft Windows Win32k Kernel Driver Race Condition Vulnerability	CVE-2012-1868	–	6.8
Microsoft Security Bulletin MS12-042 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege	Multiple Products Kernel User Mode Data Processing Memory Corruption Vulnerability	CVE-2012-0217	–	6.8
	Microsoft Windows and VMware ESX and ESXi Port-Based I/O Handling Error Local Privilege Escalation Error	CVE-2012-1515	–	6.8

Cisco Security Intelligence Operations

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. Cisco IOS access control lists; Cisco Intrusion Prevention System (IPS) signatures; Cisco IOS NetFlow; and Cisco ACE Application Control Engine are discussed in this bulletin.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin Release for June 2012

Cisco Security Manager helps enable enterprises to manage and scale security operations efficiently and accurately. Its end-to-end tools provide consistent policy enforcement, quick troubleshooting of security events, and summarized reports from across the security deployment.

Cisco NAC Appliance (formerly Cisco Clean Access) uses your organization's network infrastructure to enforce security policy compliance on all devices that attempt to gain access.

Cisco Identity Services Engine gathers information from users, devices, infrastructure, and network services to enable organizations to enforce contextual-based business policies across the network. It provides network visibility for advanced discovery and troubleshooting and combines authentication, authorization, and accounting (AAA), posture, profiling, and guest management.

Impact on Cisco Products

Customers should evaluate the Microsoft security bulletins and associated software updates for any potential impacts to Cisco Contact Center products. Please refer to the Cisco Customer Contact Software Policy for Using Microsoft Security Updates on Products Deployed on a Retail Installation of Windows Operating System for additional information.

Cisco IP Telephony Operating System, SQL Server, Security Updates
This document contains information on software updates for tracking Cisco-supported operating system, SQL Server, and security files that are available for web download. These updates support all versions of Cisco Unified CallManager, Cisco Conference Connection, Cisco Personal Assistant, Cisco IP Interactive Voice Response, and Cisco IP Call Center Express, Cisco Emergency Responder, Cisco Customer Voice Portal, and Cisco MeetingPlace. This document does not support Cisco Unity or servers where Cisco Unity is installed.

Recommended Microsoft Hot Fixes for Cisco Media Experience 3000
These documents evaluate the monthly Microsoft security bulletins for applicability to the Cisco Media Experience Engine (MXE) 3000 product line. The bulletins clarify which Microsoft Security Bulletins should be applied to affected hardware and software levels of Cisco MXE 3000 products.

Return to Cisco Security Intelligence Operations

Cisco Event Response: Microsoft Security Bulletin Release for June 2012

Information For

Industries

Contacts

News & Alerts

Technology Trends

Support

Communities

Video Portal

About Cisco

Programs