
Assessing risk for the July 2012 security updates

Today we released nine security bulletins addressing 16 CVEs. Three of the bulletins have a maximum severity rating of Critical and the other six have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment.

| Bulletin | Most likely attack vector | Max Bulletin Severity | Max Exploitability | Likely first 30 days impact | Platform mitigations and key notes |
|---|---|---|---|---|---|
| MS12-043 (MSXML) | Victim browses to a malicious webpage. | Critical | 1 | We are aware of active attacks leveraging CVE-2012-1889, the single CVE addressed with this bulletin. | All active attacks we have seen leveraged MSXML version 3. MSXML versions 3, 4, and 6 are addressed with this update. MSXML 5 will be addressed in a future security update. Read this SRD blog post for more information about the mitigating factors making MSXML 5 less severe than other versions of the product. |
| MS12-045 (MDAC) | Victim browses to a malicious webpage. | Critical | 1 | Likely to see reliable exploits developed within next 30 days. | |
| MS12-044 (Internet Explorer) | Victim browses to a malicious webpage. | Critical | 1 | Likely to see reliable exploits developed within next 30 days. | Both vulnerabilities affect only Internet Explorer version 9. Versions 6, 7, and 8 are not affected. |
| MS12-046 (DLL Preloading in Visual Basic for Applications [VBA]) | Victim navigates to a malicious WebDAV or SMB share and double-clicks on an Office document. A malicious DLL in the same folder loads within the Office application, running arbitrary attacker code. | Important | 1 | We are aware of limited, targeted attacks leveraging CVE-2012-1854, the single CVE addressed with this bulletin. | Affects only a subset of locales where IMESHARE.DLL is not present by default, primarily far eastern locales. Does not, for example, affect English locale installations by default. |
| MS12-048 (Windows Shell) | Victim navigates to a malicious WebDAV or SMB share and double-clicks on a file in a malicious directory. | Important | 1 | Likely to see reliable exploits developed within next 30 days. | |
| MS12-047 (Windows drivers [win32k.sys]) | An attacker already running code on a machine elevates from a low-privileged account to SYSTEM. | Important | 1 | Likely to see an exploit released granting a local attacker SYSTEM level access. | |
| MS12-050 (SharePoint) | Attacker sends the victim a link exploiting a Cross-Site Scripting (XSS) vulnerability on a SharePoint server for which they have access rights. When the victim clicks the link, an automatic action is taken on their behalf on the SharePoint server that they otherwise might not have wanted to execute. | Important | 1 | Likely to see an XSS exploit developed in the next 30 days (no exploit here for code execution on the SharePoint server itself). | The IE XSS Filter (on by default on IE8 and IE9) blocks attempts to exploit these vulnerabilities. |
| MS12-049 (SSL / TLS) | Victim browses to a trusted website via HTTPS. A malicious attacker positioned on the network as a man-in-the-middle can, under certain circumstances, potentially decrypt the encrypted data. | Important | 3 | A variant of this issue that does not affect Windows has been discussed publicly. We have seen proof-of-concept code attempting to exploit the similar issue. However, we believe reliable exploitation of this issue on Windows is unlikely due to the nature of the vulnerability. | |
| MS12-051 (Mac Office installer) | A victim who has installed Office for Mac 2011 on a multi-user Mac system may inadvertently launch a malicious executable placed by a malicious user of the same system, due to ACL changes made by the Mac Office installer. | Important | 1 | Likely to see reliable exploits developed within next 30 days. | Single-user Mac installations, or Mac installations where no malicious users are able to replace files, are not vulnerable. |
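Two of the vectors in the table are file-placement problems rather than memory-safety bugs: a DLL sitting beside an Office document on a share (MS12-046, and the related share-based vector in MS12-048) and an executable that another local user is allowed to replace (MS12-051). The following audit script is an added example written for this post, not Microsoft's tooling, and every file name in its constructed sample tree (`budget.xlsx`, `planted.dll`, `Tool`, `Safe`) is made up for illustration. It walks a directory tree and reports both patterns so an administrator can triage a share or an application bundle before the updates land; the permission check relies on POSIX mode bits, so it is meaningful on macOS or Linux hosts, not on NTFS ACLs.

```python
"""Audit a directory tree for two exposure patterns from the July 2012 bulletin table.

Added example for this post; not Microsoft's own tooling.
  * find_dll_next_to_documents: a DLL co-located with an Office document
    (the MS12-046 DLL-preloading vector on WebDAV/SMB shares).
  * find_writable_executables: executables that group/other users may replace
    (the MS12-051 ACL pattern on multi-user Macs; POSIX mode bits only).
"""
import os
import stat
import tempfile
from pathlib import Path

OFFICE_EXTS = {".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx"}


def find_dll_next_to_documents(root):
    """Return sorted (document, dll) pairs that share a folder under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        dlls = [f for f in files if f.lower().endswith(".dll")]
        docs = [f for f in files if Path(f).suffix.lower() in OFFICE_EXTS]
        for doc in docs:
            for dll in dlls:
                findings.append((os.path.join(dirpath, doc), os.path.join(dirpath, dll)))
    return sorted(findings)


def find_writable_executables(root):
    """Return sorted paths of executables that group or other users can write.

    A file counts as executable if its owner execute bit is set or it carries a
    Windows executable extension; symlinks are skipped so we judge the target,
    not the link's own mode bits.
    """
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue
            is_exec = bool(st.st_mode & stat.S_IXUSR) or Path(name).suffix.lower() in {".exe", ".dll"}
            writable_by_others = bool(st.st_mode & (stat.S_IWGRP | stat.S_IWOTH))
            if is_exec and writable_by_others:
                findings.append(path)
    return sorted(findings)


def build_sample_tree():
    """Create a constructed sample tree in a temp dir and return its root.

    Modes are set explicitly so the result does not depend on the umask.
    """
    root = tempfile.mkdtemp(prefix="july2012-audit-")
    layout = {
        # Share-like folder: document with a planted DLL next to it (hypothetical names)
        "share/Reports/budget.xlsx": 0o644,
        "share/Reports/planted.dll": 0o644,
        # Clean folder: document with no DLL beside it
        "share/Clean/notes.docx": 0o644,
        # App-bundle-like folder: one executable writable by everyone, one not
        "Office.app/Contents/MacOS/Tool": 0o777,
        "Office.app/Contents/MacOS/Safe": 0o755,
    }
    for rel, mode in layout.items():
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(b"constructed sample content")
        os.chmod(path, mode)
    return root


if __name__ == "__main__":
    sample_root = build_sample_tree()
    for doc, dll in find_dll_next_to_documents(sample_root):
        print(f"DLL beside document: {dll} (next to {doc})")
    for exe in find_writable_executables(sample_root):
        print(f"Executable writable by other users: {exe}")
```

Run it against a mounted share or an application's install directory instead of the sample tree; a hit in the first list is worth quarantining the DLL and checking who wrote it, and a hit in the second list means a sibling account on that machine can swap the binary before the legitimate user launches it.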

Today we’re releasing Security Advisory 2719662, which allows system administrators to disable the Windows Sidebar and Gadgets on supported versions of Windows Vista and Windows 7 with one Fix it click. And we are releasing Security Advisory 2728973 announcing the availability of an update that moves additional certificates into the Untrusted Certificate Store. This SRD blog post provides additional information about the digital certificates advisory.

- Jonathan Ness, MSRC Engineering
