Here comes the second batch of security updates in 2012, total 9 of them, 4 of which labeled as critical while the rest of 5 important. All 9 updates will be released and available today Feb. 14, another way of celebrating Valentine’s day.
MS12-008 – Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465).
Summery: these vulnerabilities could allow remote code execution if a user visits a website containing specially crafted content or if a specially crafted application is run locally.
MS12-010 – Cumulative security update for Internet Explorer (2657516)
Summery: resolves four privately reported vulnerabilities in Internet Explorer. This actually marks as Internet Explorer 9.0.5.
MS12-013 – Vulnerability in C Run-Time Library Could Allow Remote Code Execution (2654428)
Summery: The vulnerability could allow remote code execution if a user opens a specially crafted media file that is hosted on a website or sent as an email attachment.
MS12-016 – Vulnerabilities in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2651026)
Summery: resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. The vulnerabilities could allow remote code execution on a client system if a user views a specially crafted web page using a web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications.
MS12-009 – Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege (2645640)
Summery: resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to a user’s system and runs a specially crafted application.
MS12-011 – Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2663841)
Summery: resolves three privately reported vulnerabilities in Microsoft SharePoint and Microsoft SharePoint Foundation. These vulnerabilities could allow elevation of privilege or information disclosure if a user clicked a specially crafted URL.
MS12-012 – Vulnerability in Color Control Panel Could Allow Remote Code Execution (2643719)
Summery: resolves one publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .icm or .icc file) that is located in the same directory as a specially crafted dynamic link library (DLL) file.
MS12-014 – Vulnerability in Indeo Codec Could Allow Remote Code Execution (2661637)
Summery: resolves one publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .avi file) that is located in the same directory as a specially crafted dynamic link library (DLL) file.
MS12-015 – Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2663510)
Summery: resolves five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Visio file.
It would be a good idea checking your Windows Update to make sure these applied security updates are properly installed on your computer. If for some reason it didn’t, make sure install them manually. You can type “Windows update” from Start menu to launch it.
As usual, Microsoft will also be hosting a webcast to address customer questions tomorrow on Feb 15, 2012.
Darn it, time to go update my own Windows 7 machine.
![image19[1]](http://www.nextofwindows.com/wp-content/uploads/2013/02/image1912-150x150.png)
