Cisco Event Response: Microsoft Security Bulletin Release for May 2012

May 8, 2012

Microsoft published its monthly security bulletin release on May 8, 2012. Microsoft released seven bulletins that addressed 23 vulnerabilities. The bulletins address vulnerabilities in Microsoft Windows operating systems, Microsoft Silverlight, and Microsoft Office. The vulnerabilities could allow an attacker to gain escalated privileges, cause a denial of service (DoS) condition, or execute code on a targeted system.

Description: SIO globe art

Cisco Security
Intelligence Operations

Event Intelligence

The following table identifies Cisco Security Intelligence Operations content and Cisco mitigation information that is associated with this Microsoft release:

Microsoft Security Bulletin	Cisco IntelliShield Alert	CVE ID	Cisco Mitigations	CVSS Base Score
Microsoft Security Bulletin MS12-029 Vulnerability in Microsoft Word Could Allow Remote Code Execution	Microsoft Office Word Rich Text Format Data Processing Arbitrary Code Execution Vulnerability	CVE-2012-0183	Cisco ASA/ASASM/FWSM, Cisco ACE, Cisco IPS Signature 1183-0, Cisco Security Manager	9.3
Microsoft Security Bulletin MS12-030 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution	Microsoft Office Excel File Parsing Arbitrary Code Execution Vulnerability	CVE-2012-0141	Cisco IPS Signature 1196-0, Cisco Security Manager	9.3
	Microsoft Office Excel OBJECTLINK Record Processing Arbitrary Code Execution Vulnerability	CVE-2012-0142	–	9.3
	Microsoft Office Excel Document Processing Arbitrary Code Execution Vulnerability	CVE-2012-0143	Cisco IPS Signature 1186-0, Cisco Security Manager	9.3
	Microsoft Office Excel SXLI Record Processing Memory Corruption Vulnerability	CVE-2012-0184	Cisco IPS Signature 1191-0, Cisco Security Manager
	Microsoft Office Excel MergeCells Record Processing Heap Overflow Vulnerability	CVE-2012-0185	Cisco IPS Signature 1189-0, Cisco Security Manager
	Microsoft Office Excel Record Processing Type Mismatch Remote Code Execution Vulnerability	CVE-2012-1847	Cisco IPS Signature 1192-0, Cisco Security Manager	9.3
Microsoft Security Bulletin MS12-031 Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution	Microsoft Visio Viewer VSD File Remote Code Execution Vulnerability	CVE-2012-0018	Cisco IPS Signature 1182-0, Cisco Security Manager	9.3
Microsoft Security Bulletin MS12-032 Vulnerability in TCP/IP Could Allow Elevation of Privilege	Microsoft Windows Firewall Outbound Broadcast Filter Security Bypass Vulnerability	CVE-2012-0174	–	2.3
	Microsoft Windows TCP/IP Double Free Arbitrary Code Execution Vulnerability	CVE-2012-0179	–	6.6
Microsoft Security Bulletin MS12-033 Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege	Microsoft Windows Partition Manager Plug and Play Function Handling Privilege Escalation Vulnerability	CVE-2012-0178	–	6.8
Microsoft Security Bulletin MS12-034 Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight	Microsoft Windows TrueType Font Parsing Remote Code Execution Vulnerability	CVE-2011-3402	Cisco ASA/ASASM/FWSM, Cisco ACE, Cisco Security Manager	9.3
	Microsoft Windows, Office, and Silverlight TrueType Font Processing Vulnerability	CVE-2012-0159	Cisco ASA/ASASM/FWSM, Cisco ACE, Cisco IPS Signature 1195-0, Cisco Security Manager	9.3
	Microsoft .NET Framework Buffer Allocation Arbitrary Code Execution Vulnerability	CVE-2012-0162	Cisco ASA/ASASM/FWSM, Cisco ACE, Cisco Security Manager, Cisco IPS Signature 1193-0	9.3
	Microsoft .NET Framework WPF Index Comparison Denial of Service Vulnerability	CVE-2012-0164	Cisco ASA/ASASM/FWSM, Cisco ACE, Cisco Security Manager	4.3
	Microsoft Office and Windows Enhanced Metafile Image Processing Arbitrary Code Execution Vulnerability	CVE-2012-0165	Cisco ASA/ASASM/FWSM, Cisco ACE, Cisco IPS Signature 1194-0, Cisco Security Manager	9.3
	Microsoft Office Enhanced Metafile Processing Heap Overflow Vulnerability	CVE-2012-0167	Cisco ASA/ASASM/FWSM, Cisco ACE, Cisco Security Manager	9.3
	Microsoft Silverlight Double-Free Arbitrary Code Execution Vulnerability	CVE-2012-0176	Cisco ASA/ASASM/FWSM, Cisco ACE, Cisco Security Manager	9.3
	Microsoft Windows win32k.sys Kernel Driver Local Privilege Escalation Vulnerability	CVE-2012-0180	–	6.8
	Microsoft Windows win32k.sys Kernel Driver Keyboard Layout Processing Privilege Escalation Vulnerability	CVE-2012-0181	–	6.8
	Microsoft Windows win32k.sys Kernel Mode Driver Privilege Escalation Vulnerability	CVE-2012-1848	–	6.8
Microsoft Security Bulletin MS12-035 Vulnerabilities in .NET Framework Could Allow Remote Code Execution	Microsoft .NET Framework Untrusted Input Serialization Arbitrary Code Execution Vulnerability	CVE-2012-0160	Cisco IPS Signature 1188-0, Cisco Security Manager	9.3
	Microsoft .NET Framework Trusted Assemblies Serialization Arbitrary Code Execution Vulnerability	CVE-2012-0161	Cisco ASA/ASASM/FWSM, Cisco ACE, Cisco IPS Signature 1185-0, Cisco Security Manager	9.3

Cisco Security Intelligence Operations

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. Cisco Intrusion Prevention System (IPS) signatures; Cisco ACE Application Control Engine; and firewall inspection are discussed in this bulletin.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin Release for May 2012

Cisco Security Manager helps enable enterprises to manage and scale security operations efficiently and accurately. Its end-to-end tools provide consistent policy enforcement, quick troubleshooting of security events, and summarized reports from across the security deployment.

Cisco NAC Appliance (formerly Cisco Clean Access) uses your organization's network infrastructure to enforce security policy compliance on all devices that attempt to gain access.

Cisco Identity Services Engine gathers information from users, devices, infrastructure, and network services to enable organizations to enforce contextual-based business policies across the network. It provides network visibility for advanced discovery and troubleshooting and combines authentication, authorization, and accounting (AAA), posture, profiling, and guest management.

Impact on Cisco Products

Customers should evaluate the Microsoft security bulletins and associated software updates for any potential impacts to Cisco Contact Center products. Please refer to the Cisco Customer Contact Software Policy for Using Microsoft Security Updates on Products Deployed on a Retail Installation of Windows Operating System for additional information.

Cisco IP Telephony Operating System, SQL Server, Security Updates
This document contains information on software updates for tracking Cisco-supported operating system, SQL Server, and security files that are available for web download. These updates support all versions of Cisco Unified CallManager, Cisco Conference Connection, Cisco Personal Assistant, Cisco IP Interactive Voice Response, and Cisco IP Call Center Express, Cisco Emergency Responder, Cisco Customer Voice Portal, and Cisco MeetingPlace. This document does not support Cisco Unity or servers where Cisco Unity is installed.

Recommended Microsoft Hot Fixes for Cisco Media Experience 3000
These documents evaluate the monthly Microsoft security bulletins for applicability to the Cisco Media Experience Engine (MXE) 3000 product line. The bulletins clarify which Microsoft Security Bulletins should be applied to affected hardware and software levels of Cisco MXE 3000 products.

Return to Cisco Security Intelligence Operations

Cisco Event Response: Microsoft Security Bulletin Release for May 2012

Information For

Industries

Contacts

News & Alerts

Technology Trends

Support

Communities

Video Portal

About Cisco

Programs