Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dial In Number 1-800-227-8104 Pin: 3879 Information About Microsoft May 2012 Security Bulletins Dustin Childs Sr. Security Program Manager Microsoft Corporation.

Published byCarmel Taylor Modified over 8 years ago

Similar presentations

Presentation on theme: "Dial In Number 1-800-227-8104 Pin: 3879 Information About Microsoft May 2012 Security Bulletins Dustin Childs Sr. Security Program Manager Microsoft Corporation."— Presentation transcript:

1 Dial In Number 1-800-227-8104 Pin: 3879 Information About Microsoft May 2012 Security Bulletins Dustin Childs Sr. Security Program Manager Microsoft Corporation Pete Voss Sr. Response Communications Manager Microsoft Corporation

2 Dial In Number 1-800-227-8104 Pin: 3879 Live Video Stream To receive our video stream in LiveMeeting:To receive our video stream in LiveMeeting: –Click on Voice & Video –Click the drop down next to the camera icon –Select Show Main Video

3 Dial In Number 1-800-227-8104 Pin: 3879 What We Will Cover Review of May 2012 Bulletin Release InformationReview of May 2012 Bulletin Release Information –New Security Bulletins –Security Advisory 2695962 –Microsoft ® Windows ® Malicious Software Removal Tool ResourcesResources Questions and Answers: Please Submit NowQuestions and Answers: Please Submit Now –Submit Questions via Twitter #MSFTSecWebcast

4 Dial In Number 1-800-227-8104 Pin: 3879 Severity and Exploitability Index Exploitability Index 1 RISK 2 3 DP1223312 Severity Critical IMPACT Important Moderate Low MS12-029MS12-030MS12-031MS12-032MS12-033MS12-034MS12-035 OfficeOfficeVisioWindows Windows Office, Windows,.NET, Silverlight.NET

5 Dial In Number 1-800-227-8104 Pin: 3879 Bulletin Deployment Priority

6 Dial In Number 1-800-227-8104 Pin: 3879 MS12-029: Vulnerability In Microsoft Word Could Allow Remote Code Execution (2680352) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-0183CriticalN/A1 Remote Code Execution Cooperatively Disclosed Affected Products Office 2007 SP2, SP3 Office 2003 SP3, Office 2008 For Mac, Office For Mac 2011, Office Compatibility Pack SP2, Office Compatibility Pack SP3 Affected Components Microsoft Word Deployment Priority 1 Main Target Workstations Possible Attack Vectors Web-Browsing Scenario: An attacker could host a website that contains an RTF file that is used to exploit this vulnerability. Compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability.Web-Browsing Scenario: An attacker could host a website that contains an RTF file that is used to exploit this vulnerability. Compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability. Email Attack Scenario: An attacker could exploit this vulnerability by sending the user the malicious file as an email attachment, and convince the user to open the attachment.Email Attack Scenario: An attacker could exploit this vulnerability by sending the user the malicious file as an email attachment, and convince the user to open the attachment. Impact of Attack An attacker who successfully exploited this vulnerability could cause arbitrary code to run with the privileges of the user who opens a specially crafted RTF file or previews or opens a specially crafted RTF email message.An attacker who successfully exploited this vulnerability could cause arbitrary code to run with the privileges of the user who opens a specially crafted RTF file or previews or opens a specially crafted RTF email message. Mitigating Factors An attacker would have no way to force a user to visit a malicious website.An attacker would have no way to force a user to visit a malicious website. Additional Information For Microsoft Word 2007, in addition to security update package KB2596917, customers also need to install the security update for Microsoft Office Compatibility Pack (KB2596880) to be protected from the vulnerability described in this bulletin.For Microsoft Word 2007, in addition to security update package KB2596917, customers also need to install the security update for Microsoft Office Compatibility Pack (KB2596880) to be protected from the vulnerability described in this bulletin.KB2596917KB2596880KB2596917KB2596880 Workarounds:Workarounds: Read email in plain text (for more, consult KB831607).Read email in plain text (for more, consult KB831607).KB831607 Use Office File Block Policy to block the opening of RTF documents from unknown or untrusted sources or locations.Use Office File Block Policy to block the opening of RTF documents from unknown or untrusted sources or locations.

7 Dial In Number 1-800-227-8104 Pin: 3879 MS12-030: Vulnerabilities In Microsoft Office Could Allow Remote Code Execution (2663830) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-0141Important33 Remote Code Execution Cooperatively Disclosed CVE-2012-0142Important33 Remote Code Execution Cooperatively Disclosed CVE-2012-0143ImportantN/A1 Remote Code Execution Publicly Disclosed CVE-2012-0184Important31 Remote Code Execution Cooperatively Disclosed CVE-2012-0185Important22 Remote Code Execution Cooperatively Disclosed CVE-2012-1847Important11 Remote Code Execution Cooperatively Disclosed Affected Products Microsoft Office 2010 SP1, Office 2010, Office 2007 SP3, Office 2007 SP2, Office 2003 SP3, Office 2008 for Mac, Office for Mac 2011, Microsoft Excel Viewer, Office Compatibility Pack SP2 and SP3 Affected Components Microsoft Excel Deployment Priority 2 Main Target Workstations Possible Attack Vectors Web-Browsing Scenario: An attacker could host a website that contains a specially crafted Excel file that is used to exploit this vulnerability. Compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability.Web-Browsing Scenario: An attacker could host a website that contains a specially crafted Excel file that is used to exploit this vulnerability. Compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability. Email Attack Scenario: An attacker could exploit this vulnerability by sending the user the malicious file as an email attachment, and convince the user to open the attachment.Email Attack Scenario: An attacker could exploit this vulnerability by sending the user the malicious file as an email attachment, and convince the user to open the attachment. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user.An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user. Mitigating Factors An attacker would have no way to force users to visit a website or open an email attachment.An attacker would have no way to force users to visit a website or open an email attachment. The vulnerability cannot be exploited automatically through email. For an attack to be successful a user must open an attachment that is sent in an email message.The vulnerability cannot be exploited automatically through email. For an attack to be successful a user must open an attachment that is sent in an email message. Additional Information For Microsoft Excel 2007, in addition to security update package KB2597161, customers also need to install the security update for the Microsoft Office Compatibility Pack (KB2597162).For Microsoft Excel 2007, in addition to security update package KB2597161, customers also need to install the security update for the Microsoft Office Compatibility Pack (KB2597162).KB2597161KB2597162KB2597161KB2597162 Microsoft Excel Viewer must be updated to a supported service pack level (Excel Viewer 2007 Service Pack 2 or Excel Viewer 2007 Service Pack 3) before installing this update.Microsoft Excel Viewer must be updated to a supported service pack level (Excel Viewer 2007 Service Pack 2 or Excel Viewer 2007 Service Pack 3) before installing this update.

8 Dial In Number 1-800-227-8104 Pin: 3879 MS12-031: Vulnerability In Microsoft Visio Viewer Could Allow Remote Code Execution (2597981) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-0018Important1N/A Remote Code Execution Cooperatively Disclosed Affected Products All supported versions of Microsoft Visio Viewer 2010 Affected Components Visio Viewer Deployment Priority 2 Main Target Workstations Possible Attack Vectors Web-Browsing Scenario: An attacker could host a website that contains a Visio file that is used to exploit this vulnerability. Compromised websites and websites that accept or host user- provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability.Web-Browsing Scenario: An attacker could host a website that contains a Visio file that is used to exploit this vulnerability. Compromised websites and websites that accept or host user- provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability. Email Attack Scenario: An attacker could exploit this vulnerability by sending the user the malicious file as an email attachment, and convince the user to open the attachment.Email Attack Scenario: An attacker could exploit this vulnerability by sending the user the malicious file as an email attachment, and convince the user to open the attachment. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user.An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. Mitigating Factors An attacker would have no way to force users to visit a website or open an email attachment.An attacker would have no way to force users to visit a website or open an email attachment. By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration.By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration.Enhanced Security ConfigurationEnhanced Security Configuration By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML email messages in the Restricted Sites Zone.By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML email messages in the Restricted Sites Zone.

9 Dial In Number 1-800-227-8104 Pin: 3879 MS12-032: Vulnerability In TCP/IP Could Allow Elevation of Privilege (2688338) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-0174ImportantN/AN/A Security Bypass Cooperatively Disclosed CVE-2012-0179Important1N/A Elevation of Privilege Publicly Disclosed Affected Products All supported versions of Windows 7, Windows Vista, Windows Server 2008, and Windows Server 2008 R2 Affected Components Windows Firewall, TCP/IP Deployment Priority 3 Main Target Workstations and Servers Possible Attack Vectors CVE-2012-0174:CVE-2012-0174: In order to use this vulnerability, an attacker would first have to gain access to the local subnet of the target computer. An attacker could then use another vulnerability to acquire information about the target system or execute code on the target system.In order to use this vulnerability, an attacker would first have to gain access to the local subnet of the target computer. An attacker could then use another vulnerability to acquire information about the target system or execute code on the target system. CVE-2012-0179:CVE-2012-0179: To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take complete control over the affected system.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take complete control over the affected system. Impact of Attack CVE-2012-0174:CVE-2012-0174: An attacker who successfully exploited this vulnerability could bypass Windows Firewall.An attacker who successfully exploited this vulnerability could bypass Windows Firewall. CVE-2012-0179:CVE-2012-0179: An attacker who successfully exploited this vulnerability could run arbitrary code in the context of another process.An attacker who successfully exploited this vulnerability could run arbitrary code in the context of another process. Mitigating Factors CVE-2012-0174:CVE-2012-0174: An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. CVE-2012-0179:CVE-2012-0179: Microsoft has not identified any mitigating factors for this vulnerability.Microsoft has not identified any mitigating factors for this vulnerability.

10 Dial In Number 1-800-227-8104 Pin: 3879 MS12-033: Vulnerability In Windows Partition Manager Could Allow Elevation of Privilege (2690533) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-0178Important11 Elevation of Privilege Cooperatively Disclosed Affected Products All supported versions of Windows 7, Windows Vista, Windows Server 2008, and Windows Server 2008 R2 Affected Components Windows Partition Manager Deployment Priority 3 Main Target Workstations and Servers Possible Attack Vectors To exploit this vulnerability, an attacker would first have to log on to the system. Then, an attacker could run a specially crafted application that could exploit the vulnerability and take complete control over the affected system.To exploit this vulnerability, an attacker would first have to log on to the system. Then, an attacker could run a specially crafted application that could exploit the vulnerability and take complete control over the affected system. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode and take complete control of an affected system.An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode and take complete control of an affected system. Mitigating Factors An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. Additional Information Installations using Server Core are affected.Installations using Server Core are affected.

11 Dial In Number 1-800-227-8104 Pin: 3879 MS12-034: Combined Security Update For Microsoft Office, Windows,.NET Framework, and Silverlight (2681578) Slide 1 of 3 CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2011-3402Critical11 Remote Code Execution Publicly Disclosed CVE-2012-0159Critical11 Remote Code Execution Cooperatively Disclosed CVE-2012-0162Critical1N/A Remote Code Execution Cooperatively Disclosed CVE-2012-0164ModerateN/AN/A Denial of Service Publicly Disclosed CVE-2012-0165Important21 Remote Code Execution Cooperatively Disclosed CVE-2012-0167ImportantN/A1 Remote Code Execution Cooperatively Disclosed CVE-2012-0176CriticalN/A1 Remote Code Execution Cooperatively Disclosed CVE-2012-0180Important11 Elevation of Privilege Cooperatively Disclosed CVE-2012-0181Important31 Elevation of Privilege Publicly Disclosed CVE-2012-1848Important11 Elevation of Privilege Cooperatively Disclosed Affected Products and Components All supported versions of Windows and Windows Server, All supported versions of.NET 3,.NET 3.5.1, and.NET 4; Microsoft Silverlight 4, Microsoft Silverlight 5 All supported versions of Office (except Compatibility Pack SP2 and SP3, and Office For Mac).NET Framework Deployment Priority 1 Main Target Workstations and Servers

12 Dial In Number 1-800-227-8104 Pin: 3879 Affected Products and Components All supported versions of Windows and Windows Server; All supported versions of.NET 3,.NET 3.5.1, and.NET 4; Microsoft Silverlight 4, Microsoft Silverlight 5 All supported versions of Office (except Compatibility SP2 and SP3, and Office For Mac).NET Framework Possible Attack Vectors CVE-2011-3402, CVE-2012-0159, CVE-2012-0165:CVE-2011-3402, CVE-2012-0159, CVE-2012-0165: File Sharing Scenario: An attacker could exploit this vulnerability by convincing a user to open a specially crafted document file or malicious image on a file or network share.File Sharing Scenario: An attacker could exploit this vulnerability by convincing a user to open a specially crafted document file or malicious image on a file or network share. CVE-2011-3402, CVE-2012-0159, CVE-2012-0162, CVE-2012-0165, CVE-2012-0176, CVE-2012-0167:CVE-2011-3402, CVE-2012-0159, CVE-2012-0162, CVE-2012-0165, CVE-2012-0176, CVE-2012-0167: Web-Browsing Scenario: An attacker could host a website that contains a webpage that is used to exploit this vulnerability. Compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability. In the case of CVE-2012- 0167, a webpage would have to host a specially crafted Office document.Web-Browsing Scenario: An attacker could host a website that contains a webpage that is used to exploit this vulnerability. Compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability. In the case of CVE-2012- 0167, a webpage would have to host a specially crafted Office document. CVE-2012-0159, CVE-2012-0180, CVE-2012-0181, CVE-2012-1848:CVE-2012-0159, CVE-2012-0180, CVE-2012-0181, CVE-2012-1848: Local Attack Scenario: To exploit this vulnerability, an attacker would first have to log on to the system. Then, an attacker could run a specially crafted application that could exploit the vulnerability and take complete control over the affected system.Local Attack Scenario: To exploit this vulnerability, an attacker would first have to log on to the system. Then, an attacker could run a specially crafted application that could exploit the vulnerability and take complete control over the affected system. CVE-2012-0164:CVE-2012-0164: An unauthenticated attacker could send a small number of specially crafted requests to an affected site.An unauthenticated attacker could send a small number of specially crafted requests to an affected site. CVE-2012-0165, CVE-2012-0167:CVE-2012-0165, CVE-2012-0167: Email Attack Scenario: An attacker could exploit this vulnerability by sending the user the malicious file as an email attachment, and convince the user to open the attachment.Email Attack Scenario: An attacker could exploit this vulnerability by sending the user the malicious file as an email attachment, and convince the user to open the attachment. CVE-2011-3402 RCE CVE-2012-0159 RCE CVE-2012-0162 RCE CVE-2012-0164 DoS CVE-2012-0165 RCE CVE-2012-0167 RCE CVE-2012-0176 RCE CVE-2012-0180 EoP CVE-2012-0181 EoP CVE-2012-1848 EoP MS12-034: Combined Security Update For Microsoft Office, Windows,.NET Framework, and Silverlight (2681578) Slide 2 of 3

13 Dial In Number 1-800-227-8104 Pin: 3879 Affected Products and Components All supported versions of Windows and Windows Server, All supported versions of.NET 3,.NET 3.5.1, and.NET 4; Microsoft Silverlight 4, Microsoft Silverlight 5 All supported versions of Office (except Compatibility SP2 and SP3, and Office For Mac).NET Framework Impact of Attack CVE-2011-3402, CVE-2012-0159, CVE-2012-0162, CVE-2012-0165, CVE-2012-0167, CVE-2012-0176: An attacker successfully exploiting this issue could gain the same user rights as a logged-on user. CVE-2012-0159: An attacker who successfully exploited this vulnerability could run arbitrary code in Kernel mode and take complete control of an affected system. CVE-2012-0181, CVE-2012-1848: An attacker who successfully exploited this vulnerability could run arbitrary code in the context of another process. CVE-2012-0164: An attacker could cause applications created using WPF APIs that are running on a user's system to stop responding until manually restarted. Mitigating Factors CVE-2011-3402, CVE-2012-0159, CVE-2012-0162, CVE-2012-0165, CVE-2012-0167, CVE-2012-0176: An attacker would have no way to force users to visit a website or open an email attachment. CVE-2011-3402, CVE-2012-0159: By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML email messages in the Restricted Sites Zone. CVE-2012-0162, CVE-2012-0176, CVE-2012-1848: By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration.Enhanced Security Configuration CVE-2012-0180, CVE-2012-0181: An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. CVE-2012-0162: On systems where MS11-044 has been applied, users will be prompted before XBAP applications will execute when in the Internet Zone of Internet Explorer. A user must click through this prompt in order to run the XBAP application on their system.MS11-044 CVE-2012-0164: Microsoft has not identified any mitigating factors for this vulnerability. CVE-2011-3402 RCE CVE-2012-0159 RCE CVE-2012-0162 RCE CVE-2012-0164 DoS CVE-2012-0165 RCE CVE-2012-0167 RCE CVE-2012-0176 RCE CVE-2012-0180 EoP CVE-2012-0181 EoP CVE-2012-1848 EoP MS12-034: Combined Security Update For Microsoft Office, Windows,.NET Framework, and Silverlight (2681578) Slide 3 of 3

14 Dial In Number 1-800-227-8104 Pin: 3879 MS12-035: Vulnerabilities in.NET Framework Could Allow Remote Code Execution (2693777) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-0160Critical11 Remote Code Execution Cooperatively Disclosed CVE-2012-0161Critical11 Remote Code Execution Cooperatively Disclosed Affected Products All supported versions of.NET Framework on all supported versions of Windows and Windows Server Affected Components.NET Framework Deployment Priority 2 Main Target Workstations and Servers Possible Attack Vectors Web-Browsing Scenario: An attacker could host a specially crafted website that contains a specially crafted XBAP (XAML browser application) that is used to exploit this vulnerability. Compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability.Web-Browsing Scenario: An attacker could host a specially crafted website that contains a specially crafted XBAP (XAML browser application) that is used to exploit this vulnerability. Compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability. This vulnerability could also be used by Windows.NET applications to bypass Code Access Security (CAS) restrictions.This vulnerability could also be used by Windows.NET applications to bypass Code Access Security (CAS) restrictions. Impact of Attack An attacker successfully exploiting this issue could gain the same user rights as a logged-on user.An attacker successfully exploiting this issue could gain the same user rights as a logged-on user. Mitigating Factors An attacker would have no way to force users to visit a website.An attacker would have no way to force users to visit a website. By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration.By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration.Enhanced Security ConfigurationEnhanced Security Configuration Standard.NET Framework applications are not affected by this vulnerability. Only specially crafted.NET Framework applications could exploit this vulnerability. (CVE-2012-0160)Standard.NET Framework applications are not affected by this vulnerability. Only specially crafted.NET Framework applications could exploit this vulnerability. (CVE-2012-0160) Additional Information.NET Framework 4 and.NET Framework 4 Client Profile Affected.NET Framework 4 and.NET Framework 4 Client Profile Affected

15 Dial In Number 1-800-227-8104 Pin: 3879 Security Advisory 2695962 – Remote Code Execution Update Rollup For Active X Kill Bits This update sets the kill bits for the following third-party software: Cisco Clientless VPN solution.This update sets the kill bits for the following third-party software: Cisco Clientless VPN solution. – –Installing this update will block the vulnerable control from running in Internet Explorer. – –For more information regarding security issues in the Cisco Clientless VPN solution ActiveX control, please see the Cisco Security Advisory, Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability.Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability This advisory affects all supported versions of Windows.This advisory affects all supported versions of Windows.

16 Dial In Number 1-800-227-8104 Pin: 3879 Detection & Deployment *Except in Microsoft Office 2008 for Mac and Microsoft Office for Mac 2011 **Except Silverlight 4 installed on Mac OS

17 Dial In Number 1-800-227-8104 Pin: 3879 Other Update Information

18 Dial In Number 1-800-227-8104 Pin: 3879 Windows Malicious Software Removal Tool (MSRT) During this release Microsoft will increase detection capability for the following families in the MSRT:During this release Microsoft will increase detection capability for the following families in the MSRT: – –Win32/Unruy: A trojan that is capable of connecting to certain remote servers to download and execute arbitrary files. It can also delete files, schedule tasks, and perform other actions. Depending on the computer's Internet Explorer settings, may also disable third-party browser extensions and BHOs from running.Win32/Unruy: – –Win32/Dishigy: A trojan that captures keystrokes and steals login credentials through a method known as "form grabbing". It sends captured data to a remote attacker and is capable of downloading additional malicious components.Win32/ For the first time, Microsoft is releasing MSRT to Windows 8 machines.For the first time, Microsoft is releasing MSRT to Windows 8 machines. Available as a priority update through Windows Update or Microsoft Update.Available as a priority update through Windows Update or Microsoft Update. Is offered through WSUS 3.0 or as a download at: www.microsoft.com/malwareremove.Is offered through WSUS 3.0 or as a download at: www.microsoft.com/malwareremove. www.microsoft.com/malwareremove

19 Dial In Number 1-800-227-8104 Pin: 3879 Resources Blogs Microsoft Security Response Center (MSRC) blog: www.blogs.technet.com/msrcMicrosoft Security Response Center (MSRC) blog: www.blogs.technet.com/msrc www.blogs.technet.com/msrc Security Research & Defense blog: http://blogs.technet.com/srdSecurity Research & Defense blog: http://blogs.technet.com/srd http://blogs.technet.com/srd Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/ http://blogs.technet.com/mmpc/ Twitter @MSFTSecResponse@MSFTSecResponse Security Centers Microsoft Security Home Page: www.microsoft.com/securityMicrosoft Security Home Page: www.microsoft.com/security www.microsoft.com/security TechNet Security Center: www.microsoft.com/technet/securityTechNet Security Center: www.microsoft.com/technet/security www.microsoft.com/technet/security MSDN Security Developer Center: http://msdn.microsoft.com/en-us/security/default.aspxMSDN Security Developer Center: http://msdn.microsoft.com/en-us/security/default.aspx http://msdn.microsoft.com/en-us/security/default.aspx Bulletins, Advisories, Notifications & Newsletters Security Bulletins Summary: www.microsoft.com/technet/security/bulletin/summary. mspxSecurity Bulletins Summary: www.microsoft.com/technet/security/bulletin/summary. mspx www.microsoft.com/technet/security/bulletin/summary. mspx www.microsoft.com/technet/security/bulletin/summary. mspx Security Bulletins Search: www.microsoft.com/technet/security/current.aspxSecurity Bulletins Search: www.microsoft.com/technet/security/current.aspx www.microsoft.com/technet/security/current.aspx Security Advisories: www.microsoft.com/technet/security/advisory/Security Advisories: www.microsoft.com/technet/security/advisory/ www.microsoft.com/technet/security/advisory/ Microsoft Technical Security Notifications: www.microsoft.com/technet/security/bulletin/notify.mspxMicrosoft Technical Security Notifications: www.microsoft.com/technet/security/bulletin/notify.mspx www.microsoft.com/technet/security/bulletin/notify.mspx Microsoft Security Newsletter: www.microsoft.com/technet/security/secnewsMicrosoft Security Newsletter: www.microsoft.com/technet/security/secnews www.microsoft.com/technet/security/secnews Other Resources Update Management Process http://www.microsoft.com/technet/security/guidance/pat chmanagement/secmod193.mspxUpdate Management Process http://www.microsoft.com/technet/security/guidance/pat chmanagement/secmod193.mspx http://www.microsoft.com/technet/security/guidance/pat chmanagement/secmod193.mspx http://www.microsoft.com/technet/security/guidance/pat chmanagement/secmod193.mspx Microsoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/partners. mspxMicrosoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/partners. mspx http://www.microsoft.com/security/msrc/mapp/partners. mspx http://www.microsoft.com/security/msrc/mapp/partners. mspx

20 Dial In Number 1-800-227-8104 Pin: 3879 Questions and Answers Submit text questions using the “Ask” button.Submit text questions using the “Ask” button. Don’t forget to fill out the survey.Don’t forget to fill out the survey. A recording of this webcast will be available within 48 hours on the MSRC Blog: http://blogs.technet.com/msrcA recording of this webcast will be available within 48 hours on the MSRC Blog: http://blogs.technet.com/msrc http://blogs.technet.com/msrc Register for next month’s webcast at: http://microsoft.com/technet/security/current.aspxRegister for next month’s webcast at: http://microsoft.com/technet/security/current.aspx http://microsoft.com/technet/security/current.aspx

21 Dial In Number 1-800-227-8104 Pin: 3879

Download ppt "Dial In Number 1-800-227-8104 Pin: 3879 Information About Microsoft May 2012 Security Bulletins Dustin Childs Sr. Security Program Manager Microsoft Corporation."

Similar presentations

Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft.

Dial In Number Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft.
Desktop Value - Introducing Windows XP Service Pack 2 with Advanced Security Technologies Presenter: James K. Murray Title: Information Technologies Consultant.

Desktop Value - Introducing Windows XP Service Pack 2 with Advanced Security Technologies Presenter: James K. Murray Title: Information Technologies Consultant.
1 Computer and Internet Security JCCAA Presentation 03/14/2009 Yu-Min (Phillip) Hsieh Sr. System Administrator Information Technology Rice University.

1 Computer and Internet Security JCCAA Presentation 03/14/2009 Yu-Min (Phillip) Hsieh Sr. System Administrator Information Technology Rice University.
Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.

Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.
Dial In Number 1-800-227-8104 Pin: 9049 Information About Microsoft April 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

Dial In Number Pin: 9049 Information About Microsoft April 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.
WSUS Presented by: Nada Abdullah Ahmed.

WSUS Presented by: Nada Abdullah Ahmed.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
System and Network Security Practices COEN 351 E-Commerce Security.

System and Network Security Practices COEN 351 E-Commerce Security.
Information for Developers Windows XP Service Pack 2 Information for Developers.

Information for Developers Windows XP Service Pack 2 Information for Developers.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 8 Introduction to Printers in a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 8 Introduction to Printers in a Windows Server 2008 Network.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
Monthly Security Bulletin Briefing

Monthly Security Bulletin Briefing
Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.

Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.
SP2 Mikael Nystrom. Agenda Översikt Installation.

SP2 Mikael Nystrom. Agenda Översikt Installation.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.

Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Module 16: Software Maintenance Using Windows Server Update Services.

Module 16: Software Maintenance Using Windows Server Update Services.
Dial In Number 1-800-229-0449 Pin: 3750 Information About Microsoft August 2011 Security Bulletins Jonathan Ness Security Development Manager, MSRC Microsoft.

Dial In Number Pin: 3750 Information About Microsoft August 2011 Security Bulletins Jonathan Ness Security Development Manager, MSRC Microsoft.
Dial In Number 1-800-227-8104 PIN: 1056 Information About Microsoft December 2011 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

Dial In Number PIN: 1056 Information About Microsoft December 2011 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

Similar presentations

Ads by Google