Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft.

Published byAraceli Bivens Modified over 10 years ago

Similar presentations

Presentation on theme: "Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft."— Presentation transcript:

1 Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft Corporation Dustin Childs Group Manager, Response Communications Microsoft Corporation

2 Dial In Number 1-877-593-2001 Pin: 3959 Live Video Stream To receive our video stream in LiveMeeting:To receive our video stream in LiveMeeting: –Click on Voice & Video –Click the drop down next to the camera icon –Select Show Main Video

3 Dial In Number 1-877-593-2001 Pin: 3959 What We Will Cover Review of September 21, 2012 Bulletin Out-of-Band release information for Security Bulletin MS12-063Review of September 21, 2012 Bulletin Out-of-Band release information for Security Bulletin MS12-063 Security Advisory 2755801Security Advisory 2755801 ResourcesResources Questions and Answers: Please Submit NowQuestions and Answers: Please Submit Now –Submit Questions via Twitter #MSFTSecWebcast

4 Dial In Number 1-877-593-2001 Pin: 3959 Severity and Exploitability Index Exploitability Index 1 RISK 2 3 DP1 Severity Critical IMPACT Important Moderate Low MS12-063 Internet Explorer

5 Dial In Number 1-877-593-2001 Pin: 3959 Bulletin Deployment Priority

6 Dial In Number 1-877-593-2001 Pin: 3959 MS12-063: Cumulative Update for Internet Explorer (2744842) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-1529CriticalNA1 Remote Code Execution Cooperatively Disclosed CVE-2012-2546CriticalNA1 Remote Code Execution Cooperatively Disclosed CVE-2012-2548CriticalNA2 Remote Code Execution Cooperatively Disclosed CVE-2012-2557CriticalN/A1 Remote Code Execution Cooperatively Disclosed CVE-2012-4969CriticalNA1 Remote Code Execution Publicly Disclosed Affected Products Internet Explorer 6,7,8, & 9 on Windows Clients (except Windows 8) Internet Explorer 6,7,8, & 9 on Windows Servers (except Windows Server 2012) Affected Components IE6, IE7, IE8, and IE9 on Windows clients and Servers Deployment Priority Critical Main Target Workstations and servers running Internet Explorer. Possible Attack Vectors An attacker could host a website that contains a page crafted to exploit this vulnerability.An attacker could host a website that contains a page crafted to exploit this vulnerability. The attacker could also take advantage of compromised websites and websites that accept or host user- provided content or advertisements. Impact of Attack An attacker who successfully exploited these vulnerabilities could obtain the same permissions as the currently logged-on user.An attacker who successfully exploited these vulnerabilities could obtain the same permissions as the currently logged-on user. Mitigating Factors An attacker would have no way to force users to visit a malicious website.An attacker would have no way to force users to visit a malicious website. By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode known as Enhanced Security Configuration.By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode known as Enhanced Security Configuration. By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML emails in the Restricted sites zone.By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML emails in the Restricted sites zone. Additional Information This bulletin addresses five critical-class issues including CVE-2012-4969, which deprecates Security Advisory 2757760.This bulletin addresses five critical-class issues including CVE-2012-4969, which deprecates Security Advisory 2757760. Installations using Server Core are not affected.Installations using Server Core are not affected.

7 Dial In Number 1-877-593-2001 Pin: 3959 Microsoft Security Advisory 2755801: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 An advisory released on September 21, 2012 addresses vulnerabilities in Adobe Flash Player in Internet Explorer 10 on Windows 8. – –Addresses issues in Adobe Flash Player in Internet Explorer 10 on all supported editions of Windows 8 and Windows Server 2012 – –The majority of customers have automatic updates enabled and will not need to take any action. – –Customers who do not use automatic updates should apply the guidance in the advisory immediately

8 Dial In Number 1-877-593-2001 Pin: 3959 Detection & Deployment

9 Dial In Number 1-877-593-2001 Pin: 3959 Other Update Information

10 Dial In Number 1-877-593-2001 Pin: 3959 Resources Blogs Microsoft Security Response Center (MSRC) blog: www.blogs.technet.com/msrcMicrosoft Security Response Center (MSRC) blog: www.blogs.technet.com/msrc www.blogs.technet.com/msrc Security Research & Defense blog: http://blogs.technet.com/srdSecurity Research & Defense blog: http://blogs.technet.com/srd http://blogs.technet.com/srd Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/ http://blogs.technet.com/mmpc/ Twitter @MSFTSecResponse@MSFTSecResponse Security Centers Microsoft Security Home Page: www.microsoft.com/securityMicrosoft Security Home Page: www.microsoft.com/security www.microsoft.com/security TechNet Security Center: www.microsoft.com/technet/securityTechNet Security Center: www.microsoft.com/technet/security www.microsoft.com/technet/security MSDN Security Developer Center: http://msdn.microsoft.com/en- us/security/default.aspxMSDN Security Developer Center: http://msdn.microsoft.com/en- us/security/default.aspx http://msdn.microsoft.com/en- us/security/default.aspx http://msdn.microsoft.com/en- us/security/default.aspx Bulletins, Advisories, Notifications & Newsletters Security Bulletins Summary: www.microsoft.com/technet/security/bulletin/summ ary.mspxSecurity Bulletins Summary: www.microsoft.com/technet/security/bulletin/summ ary.mspx www.microsoft.com/technet/security/bulletin/summ ary.mspx www.microsoft.com/technet/security/bulletin/summ ary.mspx Security Bulletins Search: www.microsoft.com/technet/security/current.aspxSecurity Bulletins Search: www.microsoft.com/technet/security/current.aspx www.microsoft.com/technet/security/current.aspx Security Advisories: www.microsoft.com/technet/security/advisory/Security Advisories: www.microsoft.com/technet/security/advisory/ www.microsoft.com/technet/security/advisory/ Microsoft Technical Security Notifications: www.microsoft.com/technet/security/bulletin/notify. mspxMicrosoft Technical Security Notifications: www.microsoft.com/technet/security/bulletin/notify. mspx www.microsoft.com/technet/security/bulletin/notify. mspx www.microsoft.com/technet/security/bulletin/notify. mspx Microsoft Security Newsletter: www.microsoft.com/technet/security/secnewsMicrosoft Security Newsletter: www.microsoft.com/technet/security/secnews www.microsoft.com/technet/security/secnews Other Resources Update Management Process http://www.microsoft.com/technet/security/guidanc e/patchmanagement/secmod193.mspxUpdate Management Process http://www.microsoft.com/technet/security/guidanc e/patchmanagement/secmod193.mspx http://www.microsoft.com/technet/security/guidanc e/patchmanagement/secmod193.mspx http://www.microsoft.com/technet/security/guidanc e/patchmanagement/secmod193.mspx Microsoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/part ners.mspxMicrosoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/part ners.mspx http://www.microsoft.com/security/msrc/mapp/part ners.mspx http://www.microsoft.com/security/msrc/mapp/part ners.mspx

11 Dial In Number 1-877-593-2001 Pin: 3959 Questions and Answers Submit text questions using the Ask button.Submit text questions using the Ask button. Dont forget to fill out the survey.Dont forget to fill out the survey. A recording of this webcast will be available within 48 hours on the MSRC Blog: http://blogs.technet.com/msrcA recording of this webcast will be available within 48 hours on the MSRC Blog: http://blogs.technet.com/msrc http://blogs.technet.com/msrc Register for next months webcast at: http://microsoft.com/technet/security/current.aspxRegister for next months webcast at: http://microsoft.com/technet/security/current.aspx http://microsoft.com/technet/security/current.aspx

12 Dial In Number 1-877-593-2001 Pin: 3959

Download ppt "Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft."

Similar presentations

Patch Management Patch Management in a Windows based environment

Patch Management Patch Management in a Windows based environment
1 Secure Online Presence Savio Fernandes

1 Secure Online Presence Savio Fernandes
What is code injection? Code injection is the exploitation of a computer bug that is caused by processing invalid data. Code injection can be used by.

What is code injection? Code injection is the exploitation of a computer bug that is caused by processing invalid data. Code injection can be used by.
Getting Started with Microsoft Office 365. Getting Started - Overview How to use your existing desktop software to connect to Office 365. Install the.

Getting Started with Microsoft Office 365. Getting Started - Overview How to use your existing desktop software to connect to Office 365. Install the.
Unified. Simplified. Unified Communications Launch 2007.

Unified. Simplified. Unified Communications Launch 2007.
MSDN Connection Get personalised information on the topics and technologies you want Profile yourself today and get updates via RSS Get personalised information.

MSDN Connection Get personalised information on the topics and technologies you want Profile yourself today and get updates via RSS Get personalised information.
More Secure Online Services Powered by the Microsoft SDL Bryan Sullivan Security Program Manager, SDL Microsoft.

More Secure Online Services Powered by the Microsoft SDL Bryan Sullivan Security Program Manager, SDL Microsoft.
Desktop Value - Introducing Windows XP Service Pack 2 with Advanced Security Technologies Presenter: James K. Murray Title: Information Technologies Consultant.

Desktop Value - Introducing Windows XP Service Pack 2 with Advanced Security Technologies Presenter: James K. Murray Title: Information Technologies Consultant.
Monitoring Exchange 2010 with System Center Operations Manager

Monitoring Exchange 2010 with System Center Operations Manager
Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.

Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.
Dial In Number 1-800-227-8104 Pin: 9049 Information About Microsoft April 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

Dial In Number Pin: 9049 Information About Microsoft April 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.
A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.

A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.
Getting Ahead: Integrating Development and Response for Improved Security Steven B. Lipner Director of Security Engineering Strategy Security Business.

Getting Ahead: Integrating Development and Response for Improved Security Steven B. Lipner Director of Security Engineering Strategy Security Business.
Information for Developers Windows XP Service Pack 2 Information for Developers.

Information for Developers Windows XP Service Pack 2 Information for Developers.
Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.

Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.

Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Dial In Number 1-800-227-8104 Pin: 3879 Information About Microsoft May 2012 Security Bulletins Dustin Childs Sr. Security Program Manager Microsoft Corporation.

Dial In Number Pin: 3879 Information About Microsoft May 2012 Security Bulletins Dustin Childs Sr. Security Program Manager Microsoft Corporation.
IT:Network:Microsoft Applications

IT:Network:Microsoft Applications

Similar presentations

Ads by Google