Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft.

Slides:

Advertisements

Similar presentations

Patch Management Patch Management in a Windows based environment

Advertisements

1 Secure Online Presence Savio Fernandes

What is code injection? Code injection is the exploitation of a computer bug that is caused by processing invalid data. Code injection can be used by.

Getting Started with Microsoft Office 365. Getting Started - Overview How to use your existing desktop software to connect to Office 365. Install the.

Unified. Simplified. Unified Communications Launch 2007.

MSDN Connection Get personalised information on the topics and technologies you want Profile yourself today and get updates via RSS Get personalised information.

More Secure Online Services Powered by the Microsoft SDL Bryan Sullivan Security Program Manager, SDL Microsoft.

Desktop Value - Introducing Windows XP Service Pack 2 with Advanced Security Technologies Presenter: James K. Murray Title: Information Technologies Consultant.

Monitoring Exchange 2010 with System Center Operations Manager

Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.

Dial In Number Pin: 9049 Information About Microsoft April 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.

Getting Ahead: Integrating Development and Response for Improved Security Steven B. Lipner Director of Security Engineering Strategy Security Business.

Information for Developers Windows XP Service Pack 2 Information for Developers.

Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

Dial In Number Pin: 3879 Information About Microsoft May 2012 Security Bulletins Dustin Childs Sr. Security Program Manager Microsoft Corporation.

IT:Network:Microsoft Applications

Dial In Number Pin: 3750 Information About Microsoft August 2011 Security Bulletins Jonathan Ness Security Development Manager, MSRC Microsoft.

Dial In Number PIN: 1056 Information About Microsoft December 2011 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

To receive our video stream in Live Meeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

Security of Communication & IT systems Bucharest, 21 st September 2004 Stephen McGibbon Chief Technology Officer, Eastern Europe, Russia & CIS Senior Director,

2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.

Microsoft October 2004 Security Bulletins Briefing for Senior IT Managers updated October 20, 2004 Marcus H. Sachs, P.E. The SANS Institute October 12,

Customizing the Browser Browser Management Deployment MethodsApp Compat.

Information About Microsoft Project and Project Server Cumulative December Update Adrian Jenkins Support Escalation Engineer Microsoft Corporation 1 Brian.

Windows Update Jonathan Scott. What is Windows Update? Windows Update is an online program on the Microsoft Website that updates your computer. You can.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

With Internet Explorer 9 Getting Started© 2013 Pearson Education, Inc. Publishing as Prentice Hall1 Exploring the World Wide Web with Internet Explorer.

Dial In Number Pin: 3959 Information About Microsoft December 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

Presenters Lion Dave Large IT and Your Lions Club D.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

2 New Security Bulletins and AdvisoriesNew Security Bulletins and Advisories –1 New Security Advisory –1 New Critical Bulletin –1 New Moderate Bulletin.

Dial In Number Pin: 3959 Information About Microsoft August 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

Dial In Number Pin: 3959 Information About Microsoft’s January 2013 Out-of-Band Security Bulletin Jonathan Ness Security Development Manager.

Dial In Number Pin: 5639 Information About Microsoft January 2012 Security Bulletins Dustin Childs Sr. Security Program Manager, MSRC Microsoft.

Windows Vista Security Center Chapter 5(WV): Protecting Your Computer 9/17/20151Instructor: Shilpa Phanse.

Dial In Number Pin: 3959 Information About Microsoft November 2012 Security Bulletins Jeremy Tinder Security Program Manager Microsoft Corporation.

Dial In Number Pin: 5453 Information About Microsoft June 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft Corporation.

®® Microsoft Windows 7 Windows Tutorial 5 Protecting Your Computer.

3-Protecting Systems Dr. John P. Abraham Professor UTPA.

Dial In Number Pin: 3959 Information About Microsoft January 2013 Security Bulletins Andrew Gross Senior Security Program Manager Microsoft.

C HAPTER 2 Introduction to Windows XP Professional.

二月份資訊安全公告 Feb 16, 2007 Richard Chen 陳政鋒 (Net+, Sec+, MCSE2003+Security, CISSP) 資深技術支援工程師台灣微軟技術支援處.

Dial In Number Pin: 0336 Information About Microsoft February 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.

WEBCAST SCHEDULE Today’s event will run one-hour long. Here are the expected times for each segment of the Webcast:  :00 – :05: Moderator introduces the.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

Windows XP Service Pack 2 Customer Awareness Workshop XP SP2 Technical Drilldown – Part 1 Craig Schofield Microsoft Ltd. UK September.

FIREWALL. The member in group 1. Bhummikorn M.2/5 No.5 2.Borwornrat Khrongsiriwat M.2/5 No.6 3. Panaphon sangobsakun M.2/5 No.20 4.Kalint Muangsornkeaw.

YOUR NAME Business Development Manager Microsoft Corporation YOUR OR WEBSITE

Rob Davidson, Partner Technology Specialist Microsoft Management Servers: Using management to stay secure.

Colors In This Template Useful for testing projectors during setup.

Richard Chen 陳政鋒 (Net+, Sec+, MCSE2003+Security, CISSP) 資深技術支援工程師台灣微軟技術支援處五月份資訊安全公告 May 10, 2007.

Information About Microsoft Out-of-Band Security Bulletins.

Internet Explorer 7 Updated Advice for the NHS 04 February 2008 Version 1.3.

Vulnerabilities in Operating Systems Michael Gaydeski COSC December 2008.

NETWORK SECURITY LAB 1170 REHAB ALFALLAJ CT1406. Introduction There are a number of technologies that exist for the sole purpose of ensuring that the.

Windows Vista Configuration MCTS : Internet Explorer 7.0.

Information About Microsoft’s August 2004 Security Bulletins August 13, 2004 Feliciano Intini, CISSP, MCSE Security Advisor Premier Security Center Microsoft.

十月份資訊安全公告 Oct 12, 2006 Richard Chen 陳政鋒 (Net+, Sec+, MCSE2003+Security, CISSP) 資深技術支援工程師台灣微軟技術支援處.

Severity and Exploitability Index

5/12/2019 2:57 PM © Microsoft Corporation. All rights reserved.

Designing IIS Security (IIS – Internet Information Service)

SharePoint Server Assessment Results

In the attack index…what number is your Company?

Using Software Restriction Policies

Presentation transcript:

Dial In Number Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft Corporation Dustin Childs Group Manager, Response Communications Microsoft Corporation

Dial In Number Pin: 3959 Live Video Stream To receive our video stream in LiveMeeting:To receive our video stream in LiveMeeting: –Click on Voice & Video –Click the drop down next to the camera icon –Select Show Main Video

Dial In Number Pin: 3959 What We Will Cover Review of September 21, 2012 Bulletin Out-of-Band release information for Security Bulletin MS12-063Review of September 21, 2012 Bulletin Out-of-Band release information for Security Bulletin MS Security Advisory Security Advisory ResourcesResources Questions and Answers: Please Submit NowQuestions and Answers: Please Submit Now –Submit Questions via Twitter #MSFTSecWebcast

Dial In Number Pin: 3959 Severity and Exploitability Index Exploitability Index 1 RISK 2 3 DP1 Severity Critical IMPACT Important Moderate Low MS Internet Explorer

Dial In Number Pin: 3959 Bulletin Deployment Priority

Dial In Number Pin: 3959 MS12-063: Cumulative Update for Internet Explorer ( ) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE CriticalNA1 Remote Code Execution Cooperatively Disclosed CVE CriticalNA1 Remote Code Execution Cooperatively Disclosed CVE CriticalNA2 Remote Code Execution Cooperatively Disclosed CVE CriticalN/A1 Remote Code Execution Cooperatively Disclosed CVE CriticalNA1 Remote Code Execution Publicly Disclosed Affected Products Internet Explorer 6,7,8, & 9 on Windows Clients (except Windows 8) Internet Explorer 6,7,8, & 9 on Windows Servers (except Windows Server 2012) Affected Components IE6, IE7, IE8, and IE9 on Windows clients and Servers Deployment Priority Critical Main Target Workstations and servers running Internet Explorer. Possible Attack Vectors An attacker could host a website that contains a page crafted to exploit this vulnerability.An attacker could host a website that contains a page crafted to exploit this vulnerability. The attacker could also take advantage of compromised websites and websites that accept or host user- provided content or advertisements. Impact of Attack An attacker who successfully exploited these vulnerabilities could obtain the same permissions as the currently logged-on user.An attacker who successfully exploited these vulnerabilities could obtain the same permissions as the currently logged-on user. Mitigating Factors An attacker would have no way to force users to visit a malicious website.An attacker would have no way to force users to visit a malicious website. By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode known as Enhanced Security Configuration.By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode known as Enhanced Security Configuration. By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML s in the Restricted sites zone.By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML s in the Restricted sites zone. Additional Information This bulletin addresses five critical-class issues including CVE , which deprecates Security Advisory This bulletin addresses five critical-class issues including CVE , which deprecates Security Advisory Installations using Server Core are not affected.Installations using Server Core are not affected.

Dial In Number Pin: 3959 Microsoft Security Advisory : Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 An advisory released on September 21, 2012 addresses vulnerabilities in Adobe Flash Player in Internet Explorer 10 on Windows 8. – –Addresses issues in Adobe Flash Player in Internet Explorer 10 on all supported editions of Windows 8 and Windows Server 2012 – –The majority of customers have automatic updates enabled and will not need to take any action. – –Customers who do not use automatic updates should apply the guidance in the advisory immediately

Dial In Number Pin: 3959 Detection & Deployment

Dial In Number Pin: 3959 Other Update Information

Dial In Number Pin: 3959 Resources Blogs Microsoft Security Response Center (MSRC) blog: Security Response Center (MSRC) blog: Security Research & Defense blog: Research & Defense blog: Microsoft Malware Protection Center Blog: Malware Protection Center Blog: Twitter Security Centers Microsoft Security Home Page: Security Home Page: TechNet Security Center: Security Center: MSDN Security Developer Center: us/security/default.aspxMSDN Security Developer Center: us/security/default.aspx us/security/default.aspx us/security/default.aspx Bulletins, Advisories, Notifications & Newsletters Security Bulletins Summary: ary.mspxSecurity Bulletins Summary: ary.mspx ary.mspx ary.mspx Security Bulletins Search: Bulletins Search: Security Advisories: Advisories: Microsoft Technical Security Notifications: mspxMicrosoft Technical Security Notifications: mspx mspx mspx Microsoft Security Newsletter: Security Newsletter: Other Resources Update Management Process e/patchmanagement/secmod193.mspxUpdate Management Process e/patchmanagement/secmod193.mspx e/patchmanagement/secmod193.mspx e/patchmanagement/secmod193.mspx Microsoft Active Protection Program Partners: ners.mspxMicrosoft Active Protection Program Partners: ners.mspx ners.mspx ners.mspx

Dial In Number Pin: 3959 Questions and Answers Submit text questions using the Ask button.Submit text questions using the Ask button. Dont forget to fill out the survey.Dont forget to fill out the survey. A recording of this webcast will be available within 48 hours on the MSRC Blog: recording of this webcast will be available within 48 hours on the MSRC Blog: Register for next months webcast at: for next months webcast at:

Dial In Number Pin: 3959