Cisco Event Response: Microsoft Security Bulletin Release for October 2012

October 9, 2012

Microsoft published its monthly security bulletin release on October 9, 2012. Microsoft released seven bulletins that addressed twenty vulnerabilities. The bulletins address vulnerabilities in Microsoft Windows, Microsoft Office Word, Microsoft SQL Server, Microsoft Works, Microsoft InfoPath, Microsoft SharePoint, and Microsoft FAST Search Server 2010 for SharePoint. The vulnerabilities could allow an attacker to cause a denial of service condition, gain escalated privileges, execute arbitrary code, or conduct cross-site scripting attacks.

 


Event Intelligence

The following table identifies Cisco Security Intelligence Operations content and Cisco mitigation information that is associated with this Microsoft release:

| Microsoft Security Bulletin | Cisco IntelliShield Alert | CVE ID | Cisco Mitigations | CVSS Base Score |
| --- | --- | --- | --- | --- |
| Microsoft Security Bulletin MS12-064: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution | Microsoft Word PAPX Section Processing Arbitrary Code Execution Vulnerability | CVE-2012-0182 | Cisco IPS Signature 1501/0, 1501/1, Cisco Security Manager | 9.3 |
| | Microsoft Word RTF File listid Use-After-Free Remote Code Execution Vulnerability | CVE-2012-2528 | Cisco IPS Signature 1495-0, Cisco Security Manager | 9.3 |
| Microsoft Security Bulletin MS12-065: Vulnerability in Microsoft Works Could Allow Remote Code Execution | Microsoft Works DOC Heap Remote Code Execution Vulnerability | CVE-2012-2550 | Cisco IPS Signature 1496-0, Cisco Security Manager | 9.3 |
| Microsoft Security Bulletin MS12-066: Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege | Multiple Microsoft Products HTML Processing Cross-Site Scripting Vulnerability | CVE-2012-2520 | | 4.3 |
| Microsoft Security Bulletin MS12-067: Vulnerability in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution | Oracle Outside In Technology CDR File Remote Arbitrary Code Execution Vulnerability | CVE-2012-1766 | | 9.3 |
| | Oracle Outside In Technology DOC File Remote Arbitrary Code Execution Vulnerability | CVE-2012-1767 | | 9.3 |
| | Oracle Outside In Technology DPT File Remote Arbitrary Code Execution Vulnerability | CVE-2012-1768 | | 9.3 |
| | Oracle Outside In Technology JP2 File Parsing Remote Code Execution Vulnerability | CVE-2012-1769 | | 9.3 |
| | Oracle Outside In Technology LWP File Remote Arbitrary Code Execution Vulnerability | CVE-2012-1770 | | 9.3 |
| | Oracle Outside In Technology ODG File Remote Arbitrary Code Execution Vulnerability | CVE-2012-1771 | | 9.3 |
| | Oracle Outside In Technology PCX File Remote Arbitrary Code Execution Vulnerability | CVE-2012-1772 | | 9.3 |
| | Oracle Outside In Technology PDF File Remote Arbitrary Code Execution Vulnerability | CVE-2012-1773 | | 9.3 |
| | Oracle Outside In Technology SAM File Remote Arbitrary Code Execution Vulnerability | CVE-2012-3106 | | 9.3 |
| | Oracle Outside In Technology SXD File Remote Arbitrary Code Execution Vulnerability | CVE-2012-3107 | | 9.3 |
| | Oracle Outside In Technology SXI File Remote Arbitrary Code Execution Vulnerability | CVE-2012-3108 | | 9.3 |
| | Oracle Outside In Technology VSD File Remote Arbitrary Code Execution Vulnerability | CVE-2012-3109 | | 9.3 |
| | Oracle Outside In Technology WSD File Remote Arbitrary Code Execution Vulnerability | CVE-2012-3110 | | 9.3 |
| Microsoft Security Bulletin MS12-068: Vulnerability in Windows Kernel Could Allow Elevation of Privilege | Microsoft Windows Kernel win32k.sys Driver Integer Overflow Vulnerability | CVE-2012-2529 | | 6.8 |
| Microsoft Security Bulletin MS12-069: Vulnerability in Kerberos Could Allow Denial of Service | Microsoft Windows Kerberos Session Handling NULL Pointer Dereference Denial of Service Vulnerability | CVE-2012-2551 | Cisco IOS Netflow, Cisco Security Manager, Cisco IOS access lists | 7.8 |
| Microsoft Security Bulletin MS12-070: Vulnerability in SQL Server Could Allow Elevation of Privilege | Microsoft SQL Server Report Manager Reflected Cross-Site Scripting Vulnerability | CVE-2012-2552 | Cisco IPS Signature 1498-0, Cisco Security Manager | 4.3 |

Cisco Security Intelligence Operations

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. Cisco IOS access control lists, Cisco Security Manager, Cisco Intrusion Prevention System (IPS) signatures, and Cisco IOS NetFlow are discussed in this bulletin.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin Release for October 2012

Cisco Security Manager helps enable enterprises to manage and scale security operations efficiently and accurately. Its end-to-end tools provide consistent policy enforcement, quick troubleshooting of security events, and summarized reports from across the security deployment.

Cisco NAC Appliance (formerly Cisco Clean Access) uses your organization's network infrastructure to enforce security policy compliance on all devices that attempt to gain access.

Cisco Identity Services Engine gathers information from users, devices, infrastructure, and network services to enable organizations to enforce contextual-based business policies across the network. It provides network visibility for advanced discovery and troubleshooting and combines authentication, authorization, and accounting (AAA), posture, profiling, and guest management.

Impact on Cisco Products

Customers should evaluate the Microsoft security bulletins and associated software updates for any potential impacts to Cisco Contact Center products. Please refer to the Cisco Customer Contact Software Policy for Using Microsoft Security Updates on Products Deployed on a Retail Installation of Windows Operating System for additional information.

Cisco IP Telephony Operating System, SQL Server, Security Updates
This document contains information on software updates for tracking Cisco-supported operating system, SQL Server, and security files that are available for web download. These updates support all versions of Cisco Unified CallManager, Cisco Conference Connection, Cisco Personal Assistant, Cisco IP Interactive Voice Response, Cisco IP Call Center Express, Cisco Emergency Responder, Cisco Customer Voice Portal, and Cisco MeetingPlace. This document does not support Cisco Unity or servers where Cisco Unity is installed.

Recommended Microsoft Hot Fixes for Cisco Media Experience 3000
These documents evaluate the monthly Microsoft security bulletins for applicability to the Cisco Media Experience Engine (MXE) 3000 product line. The bulletins clarify which Microsoft Security Bulletins should be applied to affected hardware and software levels of Cisco MXE 3000 products.
