Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft August 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

Published byOpal Rich Modified over 8 years ago

Similar presentations

Presentation on theme: "Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft August 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft."— Presentation transcript:

1 Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft August 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft Corporation Dustin Childs Group Manager, Response Communications Microsoft Corporation

2 Dial In Number 1-877-593-2001 Pin: 3959 Live Video Stream To receive our video stream in LiveMeeting:To receive our video stream in LiveMeeting: –Click on Voice & Video –Click the drop down next to the camera icon –Select Show Main Video

3 Dial In Number 1-877-593-2001 Pin: 3959 What We Will Cover Review of August 2012 Bulletin Release InformationReview of August 2012 Bulletin Release Information –New Security Bulletins –Security Advisory 2661254 –Re-release of Bulletin MS12-043 –Microsoft ® Windows ® Malicious Software Removal Tool ResourcesResources Questions and Answers: Please Submit NowQuestions and Answers: Please Submit Now –Submit Questions via Twitter #MSFTSecWebcast

4 Dial In Number 1-877-593-2001 Pin: 3959 Severity and Exploitability Index Exploitability Index 1 RISK 2 3 DP121323231 Severity Critical IMPACT Important Moderate Low MS12-052MS12-053MS12-054MS12-055MS12-056MS12-057MS12-058MS12-059MS12-060 Internet Explorer Office ExchangeWindows Windows Windows JScript & VBScript OfficeWindows

5 Dial In Number 1-877-593-2001 Pin: 3959 Bulletin Deployment Priority

6 Dial In Number 1-877-593-2001 Pin: 3959 MS12-052: Cumulative Security Update for Internet Explorer (2722913) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-1526Critical31 Remote Code Execution Cooperatively Disclosed CVE-2012-2521Critical11 Remote Code Execution Cooperatively Disclosed CVE-2012-2522Critical11 Remote Code Execution Cooperatively Disclosed CVE-2012-2523Important22 Remote Code Execution Cooperatively Disclosed Affected Products Internet Explorer 6, 7, 8, & 9 on Windows clients Internet Explorer 6, 7, 8 & 9 on Windows Servers Affected Components Internet Explorer Deployment Priority 1 Main Target Servers and workstations using IE Possible Attack Vectors An attacker could host a website that contains a maliciously crafted page designed to exploit this vulnerability.An attacker could host a website that contains a maliciously crafted page designed to exploit this vulnerability. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engineAn attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine Impact of Attack An attacker who successfully exploited these vulnerabilities could obtain the same permissions as the currently logged-on user.An attacker who successfully exploited these vulnerabilities could obtain the same permissions as the currently logged-on user. Mitigating Factors An attacker would have no way to force users to visit a malicious website.An attacker would have no way to force users to visit a malicious website. By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode known as Enhanced Security Configuration.By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode known as Enhanced Security Configuration.Enhanced Security ConfigurationEnhanced Security Configuration By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML emails in the Restricted sites zone.By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML emails in the Restricted sites zone. Additional Information Installations using Server Core are not affected.Installations using Server Core are not affected. Customers with Internet Explorer 8 installed on their systems can address the vulnerability described in CVE-2012- 2523 by installing the KB2706045 update.Customers with Internet Explorer 8 installed on their systems can address the vulnerability described in CVE-2012- 2523 by installing the KB2706045 update.

7 Dial In Number 1-877-593-2001 Pin: 3959 MS12-053: Vulnerability in Remote Desktop Could Allow Remote Code Execution (2723135) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-1889CriticalNA2 Remote Code Execution Cooperatively Disclosed Affected Products Windows XP SP3 Affected Components Remote Desktop Protocol Deployment Priority 2 Main Target Systems with RDP enabled Possible Attack Vector For systems running supported editions of Windows XP, a remote unauthenticated attacker could exploit this vulnerability by sending a sequence of specially crafted RDP packets to the target system.For systems running supported editions of Windows XP, a remote unauthenticated attacker could exploit this vulnerability by sending a sequence of specially crafted RDP packets to the target system. Impact of Attack An attacker who successfully exploited this vulnerability could take complete control of the affected system.An attacker who successfully exploited this vulnerability could take complete control of the affected system. Mitigating Factors By default, the Remote Desktop Protocol is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk. Note that on Windows XP, Remote Assistance can enable RDP.By default, the Remote Desktop Protocol is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk. Note that on Windows XP, Remote Assistance can enable RDP. Additional Information There are no known attacks against this vulnerability in the wild.There are no known attacks against this vulnerability in the wild.

8 Dial In Number 1-877-593-2001 Pin: 3959 MS12-054: Vulnerabilities in Windows Networking Components Could Allow Remote Code Execution (2733594) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-1850ImportantNANA Denial of Service Cooperatively Disclosed CVE-2012-1851CriticalNA1 Remote Code Execution Cooperatively Disclosed CVE-2012-1852CriticalNA1 Remote Code Execution Cooperatively Disclosed CVE-2012-1853CriticalNA1 Remote Code Execution Cooperatively Disclosed Affected Products All supported versions of Windows XP and Windows Server 2003 All supported versions of Vista All supported versions of Windows Server 2008 and 2008 R2, Windows 7 Affected Components Windows Networking Components Deployment Priority 1 Main Target Servers and workstations Possible Attack Vectors A remote unauthenticated attacker could exploit this vulnerability by sending a sequence of specially crafted RAP packets to the target system. (CVE-2012-1850)A remote unauthenticated attacker could exploit this vulnerability by sending a sequence of specially crafted RAP packets to the target system. (CVE-2012-1850) A remote unauthenticated attacker could exploit the vulnerability by responding to the print spooler's requests with a specially crafted response. (CVE-2012-1851/1852/1853)A remote unauthenticated attacker could exploit the vulnerability by responding to the print spooler's requests with a specially crafted response. (CVE-2012-1851/1852/1853) Impact of Attack An attacker who successfully exploited this vulnerability could cause the service to stop responding. (CVE-2012-1850)An attacker who successfully exploited this vulnerability could cause the service to stop responding. (CVE-2012-1850) An attacker who successfully exploited this vulnerability could run arbitrary code on a user's system with system privileges. (CVE-2012-1851/1852/1853)An attacker who successfully exploited this vulnerability could run arbitrary code on a user's system with system privileges. (CVE-2012-1851/1852/1853) Mitigating Factors Network level access controls can be used to mitigate the vulnerabilities addressed in this bulletinNetwork level access controls can be used to mitigate the vulnerabilities addressed in this bulletin Additional Information Installations using Server 2008 Core are affected and rated as Moderate.Installations using Server 2008 Core are affected and rated as Moderate.

9 Dial In Number 1-877-593-2001 Pin: 3959 MS12-055: Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2731847) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-1854Important11 Elevation of Privilege Cooperatively Disclosed Affected Products All supported versions of Windows and Windows Server Affected Components Windows Kernel-Mode Drivers Deployment Priority 3 Main Target Workstations Possible Attack Vectors To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take complete control over the affected system.To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take complete control over the affected system. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. Mitigating Factors An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. Additional Information Installations using Server Core are affected.Installations using Server Core are affected.

10 Dial In Number 1-877-593-2001 Pin: 3959 MS12-056: Vulnerability in JScript and VBScript Engines Could Allow Remote Code Execution (2706045) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-2523Important22 Remote Code Execution Cooperatively Disclosed Affected Products JScript 5.8 and VBScript 5.8 on all supported 64-bit versions of Windows XP, Windows 7 JScript 5.8 and VBScript 5.8 on all supported 64-bit versions of Windows Server 2003, 2008 and 2008R2 Affected Components JScript and VBScript scripting engines Deployment Priority 2 Main Target Systems where IE 8 and IE 9 are used Possible Attack Vectors An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine.An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. Impact of Attack An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Mitigating Factors An attacker would have no way to force user to visit a malicious website.An attacker would have no way to force user to visit a malicious website. Only 64-bit versions of Microsoft Windows that are additionally configured to use the 64-bit version of Internet Explorer are affected by this vulnerability.Only 64-bit versions of Microsoft Windows that are additionally configured to use the 64-bit version of Internet Explorer are affected by this vulnerability. By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration.By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration.Enhanced Security ConfigurationEnhanced Security Configuration Additional Information The JavaScript Integer Overflow Remote Code Execution Vulnerability (CVE-2012-2523) described in this bulletin is also addressed by MS12-052.The JavaScript Integer Overflow Remote Code Execution Vulnerability (CVE-2012-2523) described in this bulletin is also addressed by MS12-052. Installations using Server Core are not affected.Installations using Server Core are not affected.

11 Dial In Number 1-877-593-2001 Pin: 3959 MS12-057: Vulnerability in Microsoft Office Could Allow for Remote Code Execution (2731879) CVESeverity Exploitability Comment Cooperatively Disclosed Latest Software Older Versions CVE-2012-2524Important33 Remote Code Execution Cooperatively Disclosed Affected Products Office 2007 SP2 and SP3, Office 2010 SP1 (x86 and 64-bit) Affected Components Office Deployment Priority 3 Main Target Workstations Possible Attack Vectors This vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office or insert a specially crafted CGM file into a document with an affected version of Microsoft Office.This vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office or insert a specially crafted CGM file into a document with an affected version of Microsoft Office. In a web-based attack scenario, In a web-based attack scenario, an attacker would have to host a website that contains a specially crafted file that is used to attempt to exploit this vulnerability.In a web-based attack scenario, In a web-based attack scenario, an attacker would have to host a website that contains a specially crafted file that is used to attempt to exploit this vulnerability. In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted file to the user and by convincing the user to open the file.In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted file to the user and by convincing the user to open the file. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code as the current user.An attacker who successfully exploited this vulnerability could run arbitrary code as the current user. Mitigating Factors The vulnerability cannot be exploited automatically through email.The vulnerability cannot be exploited automatically through email. For an attack to be successful a user must open an attachment that is sent in an email message.For an attack to be successful a user must open an attachment that is sent in an email message. An attacker would have no way to force user to visit a malicious website.An attacker would have no way to force user to visit a malicious website. Additional Information Microsoft has no indication that this issue is under active attack in the wild.Microsoft has no indication that this issue is under active attack in the wild.

12 Dial In Number 1-877-593-2001 Pin: 3959 MS12-058: Vulnerability in Microsoft Exchange Server WebReady Document Viewing Could Allow Remote Code Execution (2740358) CVESeverity Exploitability CommentNote Latest Software Older Versions See Note Below Critical11 Remote Code Execution Publicly Disclosed Affected Products Exchange Server 2007 SP3, Exchange Server 2010 SP1 and SP2 Affected Components WebReady Document Viewing Deployment Priority 2 Main Target Exchange Servers Possible Attack Vectors An attacker could send an email message containing a specially crafted file to a user on an affected version of Exchange. When the user previews the specially crafted file in the browser, arbitrary code could be run on the Exchange server.An attacker could send an email message containing a specially crafted file to a user on an affected version of Exchange. When the user previews the specially crafted file in the browser, arbitrary code could be run on the Exchange server. Impact of Attack An attacker who successfully exploited these vulnerabilities could run arbitrary code as LocalService.An attacker who successfully exploited these vulnerabilities could run arbitrary code as LocalService. Mitigating Factors The transcoding service in Exchange that is used for WebReady Document Viewing is running in the LocalService account. The LocalService account has minimum privileges on the local computer and presents anonymous credentials on the network.The transcoding service in Exchange that is used for WebReady Document Viewing is running in the LocalService account. The LocalService account has minimum privileges on the local computer and presents anonymous credentials on the network. Additional Information This update addresses 13 vulnerabilities in the Oracle Outside In Library. See bulletin for specific CVEsThis update addresses 13 vulnerabilities in the Oracle Outside In Library. See bulletin for specific CVEs This issue was discussed last month in Security Advisory 2737111, published July 24.This issue was discussed last month in Security Advisory 2737111, published July 24.

13 Dial In Number 1-877-593-2001 Pin: 3959 MS12-059: Vulnerability in Microsoft Visio Could Allow Remote Code Execution (2733918) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-1888Important11 Remote Code Execution Cooperatively Disclosed Affected Products Visio 2010 (32-bit and 64-bit), Visio Viewer 2010 (32-bit and 64-bit), Affected Components Visio Deployment Priority 3 Main Target Workstations that use Visio Possible Attack Vectors This vulnerability requires that a user open a specially crafted file with an affected version of Visio.This vulnerability requires that a user open a specially crafted file with an affected version of Visio. In a web-based attack scenario, an attacker would have to host a website that contains a specially crafted Visio file that is used to attempt to exploit this vulnerability.In a web-based attack scenario, an attacker would have to host a website that contains a specially crafted Visio file that is used to attempt to exploit this vulnerability. In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted Visio file to the user and by convincing the user to open the file.In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted Visio file to the user and by convincing the user to open the file. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code as the current user.An attacker who successfully exploited this vulnerability could run arbitrary code as the current user. Mitigating Factors An attacker would have no way to force user to visit a malicious website or open a malicious file in email.An attacker would have no way to force user to visit a malicious website or open a malicious file in email. Additional Information The Microsoft Office update MS11-089 was applied to systems running Microsoft Visio 2010 even though this software was listed as non-affected in the MS11-089 bulletin.The Microsoft Office update MS11-089 was applied to systems running Microsoft Visio 2010 even though this software was listed as non-affected in the MS11-089 bulletin.

14 Dial In Number 1-877-593-2001 Pin: 3959 MS12-060: Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2720573) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-1856Critical11 Remote Code Execution Cooperatively Disclosed Affected Products Office 2003 SP3 and Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1 (32-bit), SQL Server 2000 SP4 and Analysis Services SP4, SQL Server 2005 Express w/Advanced Services SP 4, SQL Server 2005 for 32-bit Ed. and 64-bit Ed. SP4, SQL Server 2005 for Itanium-based Systems SP4, All supported versions of SQL Server 2008 and 2008R2 except Management Studio, Commerce Server 2002 SP4, Commerce Server 2007 SP2, and Commerce Server 2009 and 2009R2, Host Integration Server 2004 SP1, Visual FoxPro 8.0 SP1, and Visual FoxPro 9.0 SP2, Visual Basic 6.0 Runtime Affected Components Windows Common Controls Deployment Priority 1 Main Target Workstations and Servers Possible Attack Vectors In an e-mail attack scenario, an attacker could exploit the vulnerability by sending a specially crafted document to the user and convincing the user to open the document.In an e-mail attack scenario, an attacker could exploit the vulnerability by sending a specially crafted document to the user and convincing the user to open the document. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website. Impact of Attack An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Mitigating Factors By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration.By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration. The attacker would have to convince the user to open the attachment in order to exploit the vulnerability.The attacker would have to convince the user to open the attachment in order to exploit the vulnerability. Additional Information Microsoft is aware of limited, targeted attacks attempting to exploit this vulnerability.Microsoft is aware of limited, targeted attacks attempting to exploit this vulnerability.

15 Dial In Number 1-877-593-2001 Pin: 3959 Microsoft is announcing the availability of an update to Windows that restricts the use of weak RSA keys less than 1024 bits in length.Microsoft is announcing the availability of an update to Windows that restricts the use of weak RSA keys less than 1024 bits in length. The update is available on the Download Center as well as the Microsoft Update Catalog for all supported releases of Microsoft Windows.The update is available on the Download Center as well as the Microsoft Update Catalog for all supported releases of Microsoft Windows. Microsoft is planning to release this update through Microsoft Update in October 2012Microsoft is planning to release this update through Microsoft Update in October 2012 Microsoft Security Advisory (2661254): Update For Minimum Certificate Key Length

16 Dial In Number 1-877-593-2001 Pin: 3959 Microsoft is rereleasing MS12-043 to offer the security updates for Microsoft XML Core Services 5.0 that were unavailable at the time of initial release.Microsoft is rereleasing MS12-043 to offer the security updates for Microsoft XML Core Services 5.0 that were unavailable at the time of initial release. Customers running Microsoft XML Core Services 5.0 should apply the KB2687324, KB2596856, or KB2596679 update to be protected from the vulnerability described in this bulletin.Customers running Microsoft XML Core Services 5.0 should apply the KB2687324, KB2596856, or KB2596679 update to be protected from the vulnerability described in this bulletin. Customers who have already successfully installed the updates originally offered on July 10, 2012 for Microsoft XML Core Services 3.0, Microsoft XML Core Services 4.0, and Microsoft XML Core Services 6.0 do not need to take any additional action for these versions.Customers who have already successfully installed the updates originally offered on July 10, 2012 for Microsoft XML Core Services 3.0, Microsoft XML Core Services 4.0, and Microsoft XML Core Services 6.0 do not need to take any additional action for these versions. MS12-043: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2722479) Re-release

17 Dial In Number 1-877-593-2001 Pin: 3959 Detection & Deployment 1. Yes for all except Windows XP Media Center 2005 and XP Tablet Edition 2005

18 Dial In Number 1-877-593-2001 Pin: 3959 Other Update Information 1. Uninstall is only possible on Host Integration Server, Commerce Server 2009R2, and SQL Server 2000

19 Dial In Number 1-877-593-2001 Pin: 3959 Windows Malicious Software Removal Tool (MSRT) During this release Microsoft will increase detection capability for the following families in the MSRT:During this release Microsoft will increase detection capability for the following families in the MSRT: –Win32/Bafruz: A backdoor Trojan that allows unauthorized access and control of an affected computer. Win32/Bafruz: Win32/Bafruz: –Win32/Matsnu: A Trojan that can perform certain actions based on instructions from a remote server. It also changes certain computer settings. Available as a priority update through Windows Update or Microsoft Update.Available as a priority update through Windows Update or Microsoft Update. Offered through WSUS 3.0 or as a download at: www.microsoft.com/malwareremove.Offered through WSUS 3.0 or as a download at: www.microsoft.com/malwareremove. www.microsoft.com/malwareremove

20 Dial In Number 1-877-593-2001 Pin: 3959 The Security site on TechNet is changing! In the coming months, the TechNet Security site will be updated to the Windows 8-style UI. Some of the highlights will include a modern look and feel, streamlined navigation, and easily discoverable security tools. Take a look at how these changes are already happening across TechNet http://technet.microsoft.com. http://technet.microsoft.com

21 Dial In Number 1-877-593-2001 Pin: 3959 Resources Blogs Microsoft Security Response Center (MSRC) blog: www.blogs.technet.com/msrcMicrosoft Security Response Center (MSRC) blog: www.blogs.technet.com/msrc www.blogs.technet.com/msrc Security Research & Defense blog: http://blogs.technet.com/srdSecurity Research & Defense blog: http://blogs.technet.com/srd http://blogs.technet.com/srd Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/ http://blogs.technet.com/mmpc/ Twitter @MSFTSecResponse@MSFTSecResponse Security Centers Microsoft Security Home Page: www.microsoft.com/securityMicrosoft Security Home Page: www.microsoft.com/security www.microsoft.com/security TechNet Security Center: www.microsoft.com/technet/securityTechNet Security Center: www.microsoft.com/technet/security www.microsoft.com/technet/security MSDN Security Developer Center: http://msdn.microsoft.com/en- us/security/default.aspxMSDN Security Developer Center: http://msdn.microsoft.com/en- us/security/default.aspx http://msdn.microsoft.com/en- us/security/default.aspx http://msdn.microsoft.com/en- us/security/default.aspx Bulletins, Advisories, Notifications & Newsletters Security Bulletins Summary: www.microsoft.com/technet/security/bulletin/summ ary.mspxSecurity Bulletins Summary: www.microsoft.com/technet/security/bulletin/summ ary.mspx www.microsoft.com/technet/security/bulletin/summ ary.mspx www.microsoft.com/technet/security/bulletin/summ ary.mspx Security Bulletins Search: www.microsoft.com/technet/security/current.aspxSecurity Bulletins Search: www.microsoft.com/technet/security/current.aspx www.microsoft.com/technet/security/current.aspx Security Advisories: www.microsoft.com/technet/security/advisory/Security Advisories: www.microsoft.com/technet/security/advisory/ www.microsoft.com/technet/security/advisory/ Microsoft Technical Security Notifications: www.microsoft.com/technet/security/bulletin/notify. mspxMicrosoft Technical Security Notifications: www.microsoft.com/technet/security/bulletin/notify. mspx www.microsoft.com/technet/security/bulletin/notify. mspx www.microsoft.com/technet/security/bulletin/notify. mspx Microsoft Security Newsletter: www.microsoft.com/technet/security/secnewsMicrosoft Security Newsletter: www.microsoft.com/technet/security/secnews www.microsoft.com/technet/security/secnews Other Resources Update Management Process http://www.microsoft.com/technet/security/guidanc e/patchmanagement/secmod193.mspxUpdate Management Process http://www.microsoft.com/technet/security/guidanc e/patchmanagement/secmod193.mspx http://www.microsoft.com/technet/security/guidanc e/patchmanagement/secmod193.mspx http://www.microsoft.com/technet/security/guidanc e/patchmanagement/secmod193.mspx Microsoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/part ners.mspxMicrosoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/part ners.mspx http://www.microsoft.com/security/msrc/mapp/part ners.mspx http://www.microsoft.com/security/msrc/mapp/part ners.mspx

22 Dial In Number 1-877-593-2001 Pin: 3959 Questions and Answers Submit text questions using the “Ask” button.Submit text questions using the “Ask” button. Don’t forget to fill out the survey.Don’t forget to fill out the survey. A recording of this webcast will be available within 48 hours on the MSRC Blog: http://blogs.technet.com/msrcA recording of this webcast will be available within 48 hours on the MSRC Blog: http://blogs.technet.com/msrc http://blogs.technet.com/msrc Register for next month’s webcast at: http://microsoft.com/technet/security/current.aspxRegister for next month’s webcast at: http://microsoft.com/technet/security/current.aspx http://microsoft.com/technet/security/current.aspx

23 Dial In Number 1-877-593-2001 Pin: 3959

Download ppt "Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft August 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft."

Similar presentations

Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.

Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.
Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft.

Dial In Number Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft.
Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.

Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.
Dial In Number 1-800-227-8104 Pin: 9049 Information About Microsoft April 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

Dial In Number Pin: 9049 Information About Microsoft April 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.
1 of 3 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

1 of 3 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
Information for Developers Windows XP Service Pack 2 Information for Developers.

Information for Developers Windows XP Service Pack 2 Information for Developers.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Browser and E-mail Basics Tutorial 1. Learn about Web browser software and Web pages The Web is a collection of files that reside on computers, called.

Browser and Basics Tutorial 1. Learn about Web browser software and Web pages The Web is a collection of files that reside on computers, called.
Maintaining and Updating Windows Server 2008

Maintaining and Updating Windows Server 2008
Monthly Security Bulletin Briefing

Monthly Security Bulletin Briefing
Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.

Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.
1 of 13 Back to Start Working Remotely Your company’s Windows SBS computer network makes it easy for you and your coworkers to work remotely—and to stay.

1 of 13 Back to Start Working Remotely Your company’s Windows SBS computer network makes it easy for you and your coworkers to work remotely—and to stay.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.

Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Dial In Number 1-800-227-8104 Pin: 3879 Information About Microsoft May 2012 Security Bulletins Dustin Childs Sr. Security Program Manager Microsoft Corporation.

Dial In Number Pin: 3879 Information About Microsoft May 2012 Security Bulletins Dustin Childs Sr. Security Program Manager Microsoft Corporation.
Module 16: Software Maintenance Using Windows Server Update Services.

Module 16: Software Maintenance Using Windows Server Update Services.
Dial In Number 1-800-229-0449 Pin: 3750 Information About Microsoft August 2011 Security Bulletins Jonathan Ness Security Development Manager, MSRC Microsoft.

Dial In Number Pin: 3750 Information About Microsoft August 2011 Security Bulletins Jonathan Ness Security Development Manager, MSRC Microsoft.

Similar presentations

Ads by Google