إضغط لتفاصيل الإعلانات



Results 1 to 3 of 3
Share
  1. #1
    Join Date
    Nov 2007
    Location
    Arab world!
    Posts
    6,169
    Blog Entries
    4
    Rep Power
    10

    Exclamation Microsoft Security Bulletin MS12-020 - Critical - Update now

    Microsoft Security Bulletin MS12-020 - Critical

    Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)

    Published:
    Version: 1.0
    General Information

    Executive Summary

    This security update resolves two privately reported vulnerabilities in the Remote Desktop Protocol. The more severe of these vulnerabilities could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.
    This security update is rated Critical for all supported releases of Microsoft Windows. For more information, see the subsection, Affected and Non-Affected Software, in this section.
    The security update addresses the vulnerabilities by modifying the way that the Remote Desktop Protocol processes packets in memory and the way that the RDP service processes packets. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
    Recommendation. The majority of customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871.
    For administrators and enterprise installations, or end users who want to install this security update manually, Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service.
    See also the section, Detection and Deployment Tools and Guidance, later in this bulletin.
    Known Issues. Microsoft Knowledge Base Article 2671387 documents the currently known issues that customers may experience when installing this security update. The article also documents recommended solutions for these issues.
    Affected and Non-Affected Software

    The following software have been tested to determine which versions or editions are affected. Other versions or editions are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, visit Microsoft Support Lifecycle.
    Affected Software
    Windows XP Service Pack 3
    (KB2621440)
    Remote Code Execution Critical KB2570222 in MS11-065 replaced by KB2621440
    Windows XP Professional x64 Edition Service Pack 2
    (KB2621440)
    Remote Code Execution Critical KB2570222 in MS11-065 replaced by KB2621440
    Windows Server 2003 Service Pack 2
    (KB2621440)
    Remote Code Execution Critical KB2570222 in MS11-065 replaced by KB2621440
    Windows Server 2003 x64 Edition Service Pack 2
    (KB2621440)
    Remote Code Execution Critical KB2570222 in MS11-065 replaced by KB2621440
    Windows Server 2003 with SP2 for Itanium-based Systems
    (KB2621440)
    Remote Code Execution Critical KB2570222 in MS11-065 replaced by KB2621440
    Windows Vista Service Pack 2
    (KB2621440)
    Remote Code Execution Critical No bulletin replaced by KB2621440
    Windows Vista x64 Edition Service Pack 2
    (KB2621440)
    Remote Code Execution Critical No bulletin replaced by KB2621440
    Windows Server 2008 for 32-bit Systems Service Pack 2*
    (KB2621440)
    Remote Code Execution Critical No bulletin replaced by KB2621440
    Windows Server 2008 for x64-based Systems Service Pack 2*
    (KB2621440)
    Remote Code Execution Critical No bulletin replaced by KB2621440
    Windows Server 2008 for Itanium-based Systems Service Pack 2
    (KB2621440)
    Remote Code Execution Critical No bulletin replaced by KB2621440
    Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1
    (KB2621440)

    Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1
    (KB2667402)
    Remote Code Execution Critical[1] No bulletin replaced by KB2621440


    No bulletin replaced by KB2667402
    Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1
    (KB2621440)

    Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1
    (KB2667402)
    Remote Code Execution Critical[1] No bulletin replaced by KB2621440



    No bulletin replaced by KB2667402
    Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1*
    (KB2621440)

    Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1*
    (KB2667402)
    Remote Code Execution Critical[1] No bulletin replaced by KB2621440



    No bulletin replaced by KB2667402
    Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
    (KB2621440)

    Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
    (KB2667402)
    Remote Code Execution Critical[1] No bulletin replaced by KB2621440



    No bulletin replaced by KB2667402

    *Server Core installation affected. This update applies, with the same severity rating, to supported editions of Windows Server 2008 or Windows Server 2008 R2 as indicated, whether or not installed using the Server Core installation option. For more information on this installation option, see the TechNet articles, Managing a Server Core Installation and Servicing a Server Core Installation. Note that the Server Core installation option does not apply to certain editions of Windows Server 2008 and Windows Server 2008 R2; see Compare Server Core Installation Options.
    [1]Update package KB2621440 addresses CVE-2012-0002 and update package KB2667402 addresses CVE-2012-0152. While CVE-2012-0152 has a lower severity rating than KB2621440 on affected versions of Microsoft Windows, the aggregate severity rating is Critical based on CVE-2012-0002. Customers should apply all updates offered for the version of Microsoft Windows installed on their systems.

    Source: http://technet.microsoft.com/en-us/security/bulletin/ms12-020


  2. Facebook Comments - تعليقـك على الفيس بوك يسعدنا ويطور مجهوداتنـا


  3. Forum Ads:

  4. Forum Ads:

    اضفط هنا لمعرفة تفاصيل الإعلانات بالموقع


  5. Forum Ads:

    -->

  6. #2
    Join Date
    Jan 2008
    Location
    Egypt
    Posts
    3,946
    Blog Entries
    1
    Rep Power
    16

    Default

    thank you........

  7. #3
    Join Date
    Nov 2007
    Location
    Arab world!
    Posts
    6,169
    Blog Entries
    4
    Rep Power
    10

  8. Forum Ads:

Similar Threads

  1. Replies: 0
    Last Post: 22-09-2012, 01:11 AM
  2. Microsoft Security Bulletin Summary for November 2010
    By Ibrahim Soliman in forum Microsoft
    Replies: 4
    Last Post: 10-11-2010, 02:05 PM
  3. Replies: 0
    Last Post: 22-05-2010, 09:44 PM
  4. Microsoft Security Bulletin MS10-018 - Critical
    By Mohamed Fouad in forum Microsoft
    Replies: 1
    Last Post: 23-04-2010, 07:03 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

أقسام المنتدى

الروابط النصية

تابع جروبنا على الفيس بوك

صفحة Egypt Engineers على الفيس بوك

تابعنا على linkedin

جروبنا على الياهو جروب