Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dial In Number 1-800-829-9747 Pin: 5453 Information About Microsoft June 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft Corporation.

Published byIsabel Powers Modified over 8 years ago

Similar presentations

Presentation on theme: "Dial In Number 1-800-829-9747 Pin: 5453 Information About Microsoft June 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft Corporation."— Presentation transcript:

1 Dial In Number 1-800-829-9747 Pin: 5453 Information About Microsoft June 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft Corporation Dustin Childs Group Manager, Response Communications Microsoft Corporation

2 Dial In Number 1-800-829-9747 Pin: 5453 Live Video Stream To receive our video stream in LiveMeeting:To receive our video stream in LiveMeeting: –Click on Voice & Video –Click the drop down next to the camera icon –Select Show Main Video

3 Dial In Number 1-800-829-9747 Pin: 5453 What We Will Cover Review of June 2012 Bulletin Release InformationReview of June 2012 Bulletin Release Information –New Security Bulletins –Security Advisory 2719615 –KB 2677070 - –KB 2677070 - Automatic Updater of Revoked Certificates –Microsoft ® Windows ® Malicious Software Removal Tool ResourcesResources Questions and Answers: Please Submit NowQuestions and Answers: Please Submit Now –Submit Questions via Twitter #MSFTSecWebcast

4 Dial In Number 1-800-829-9747 Pin: 5453 Severity and Exploitability Index Exploitability Index 1 RISK 2 3 DP1122233 Severity Critical IMPACT Important Moderate Low MS12-036MS12-037MS12-038MS12-039MS12-040MS12-041MS12-042 WindowsWindowsWindows Lync Internet Explorer.NET Dynamics AX

5 Dial In Number 1-800-829-9747 Pin: 5453 Bulletin Deployment Priority

6 Dial In Number 1-800-829-9747 Pin: 5453 MS12-036: Vulnerability in Remote Desktop Could Allow Remote Code Execution (2685939) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-0173Critical11 Remote Code Execution Cooperatively Disclosed Affected Products Windows Server 2003 SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows Server 2008 R2, Windows Server 2008 R2 SP1 Windows XP SP3, Windows Vista SP2, Windows 7 Affected Components Remote Desktop Protocol Deployment Priority 1 Main Target Terminal servers Possible Attack Vector A remote unauthenticated attacker could exploit this vulnerability by sending a sequence of specially crafted RDP packets to the target system.A remote unauthenticated attacker could exploit this vulnerability by sending a sequence of specially crafted RDP packets to the target system. Impact of Attack An attacker who successfully exploited this vulnerability on systems for which the issue is marked as Critical could take complete control of the affected system.An attacker who successfully exploited this vulnerability on systems for which the issue is marked as Critical could take complete control of the affected system. For platforms marked as moderately affected by this issue, exploit would lead only to a Denial of Service.For platforms marked as moderately affected by this issue, exploit would lead only to a Denial of Service. Mitigating Factors By default, the Remote Desktop Protocol is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.By default, the Remote Desktop Protocol is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk. Additional Information Installations using Server Core are affected.Installations using Server Core are affected.

7 Dial In Number 1-800-829-9747 Pin: 5453 MS12-037: Cumulative Security Update for Internet Explorer (2699988) – slide 1 of 2 CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-1523CriticalN/A1 Remote Code Execution Cooperatively Disclosed CVE-2012-1858Important33 Information Disclosure Cooperatively Disclosed CVE-2012-1872ModerateN/AN/A Information Disclosure Cooperatively Disclosed CVE-2012-1873Important33 Information Disclosure Cooperatively Disclosed CVE-2012-1874Important13 Remote Code Execution Cooperatively Disclosed CVE-2012-1875CriticalN/A1 Remote Code Execution Cooperatively Disclosed CVE-2012-1876Critical11 Remote Code Execution Cooperatively Disclosed CVE-2012-1877Critical11 Remote Code Execution Cooperatively Disclosed CVE-2012-1878Critical11 Remote Code Execution Cooperatively Disclosed CVE-2012-1879Critical11 Remote Code Execution Cooperatively Disclosed CVE-2012-1880Critical11 Remote Code Execution Cooperatively Disclosed CVE-2012-1881Critical11 Remote Code Execution Cooperatively Disclosed CVE-2012-1882ModerateN/AN/A Information Disclosure Publicly Disclosed

8 Dial In Number 1-800-829-9747 Pin: 5453 MS12-037: Cumulative Security Update for Internet Explorer (2699988) – slide 2 of 2 CVE-2012- 1523 RCE CVE-2012- 1858 ID CVE-2012- 1872 ID CVE-2012- 1873 ID CVE-2012- 1874 RCE CVE-2012- 1875 RCE CVE-2012- 1876 RCECVE-2012- 1877 RCE CVE-2012- 1878 RCE CVE-2012- 1879 RCE CVE-2012- 1880 RCE CVE-2012- 1881 RCE CVE-2012- 1882 ID Affected Products Internet Explorer 6, 7, 8, 9 on all supported versions of Windows Server Affected Components Internet Explorer Deployment Priority 1 Main Target Workstations Possible Attack Vectors An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website, or place a malicious ActiveX control in an application or Microsoft Office document. (CVE-2012-1523, CVE-2012-1874, CVE-2012-1875, CVE-2012-1876, CVE-2012-1877, CVE-2012-1878, CVE-2012- 1879, CVE-2012-1880, CVE-2012-1881)An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website, or place a malicious ActiveX control in an application or Microsoft Office document. (CVE-2012-1523, CVE-2012-1874, CVE-2012-1875, CVE-2012-1876, CVE-2012-1877, CVE-2012-1878, CVE-2012- 1879, CVE-2012-1880, CVE-2012-1881) An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website. (CVE-2012-1858, CVE-2012-1872, CVE-2012-1873, CVE-2012-1882)An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website. (CVE-2012-1858, CVE-2012-1872, CVE-2012-1873, CVE-2012-1882) Impact of Attack An attacker successfully exploiting this issue could inflict a cross-site scripting attack on the user. (CVE-2012-1858, CVE- 2012-1872)An attacker successfully exploiting this issue could inflict a cross-site scripting attack on the user. (CVE-2012-1858, CVE- 2012-1872) An attacker successfully exploiting this issue could gain access to and read IE’s process memory. (CVE-2012-1873)An attacker successfully exploiting this issue could gain access to and read IE’s process memory. (CVE-2012-1873) An attacker successfully exploiting this issue could view context from another domain or Internet Explorer zone. (CVE-2012- 1882)An attacker successfully exploiting this issue could view context from another domain or Internet Explorer zone. (CVE-2012- 1882) An attacker successfully exploiting this issue could execute arbitrary code in the context of the current user. (CVE-2012- 1874, CVE-2012-1875, CVE-2012-1876, CVE-2012-1877, CVE-2012-1878, CVE-2012-1879, CVE-2012-1880, CVE-2012-1881, CVE-2012-1523)An attacker successfully exploiting this issue could execute arbitrary code in the context of the current user. (CVE-2012- 1874, CVE-2012-1875, CVE-2012-1876, CVE-2012-1877, CVE-2012-1878, CVE-2012-1879, CVE-2012-1880, CVE-2012-1881, CVE-2012-1523) Mitigating Factors By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML email messages in the Restricted sites zone.By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML email messages in the Restricted sites zone. An attacker has no way of forcing users to visit a maliciously constructed Web site.An attacker has no way of forcing users to visit a maliciously constructed Web site. By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration.By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration.Enhanced Security ConfigurationEnhanced Security Configuration A targeted user must be convinced to open the Internet Explorer Developer Toolbar while visiting a malicious site. (CVE- 2012-1874)A targeted user must be convinced to open the Internet Explorer Developer Toolbar while visiting a malicious site. (CVE- 2012-1874) Additional Information Installations using Server Core 2008 or 2008 R2 are not affected.Installations using Server Core 2008 or 2008 R2 are not affected.

9 Dial In Number 1-800-829-9747 Pin: 5453 MS12-038: Vulnerability in.NET Framework Could Allow Remote Code Execution (2706726) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-1855Critical11 Remote Code Execution Cooperatively Disclosed Affected Products.NET Framework 2.0 SP2,.NET Framework 3.5.1,.NET Framework 4 on all supported editions of Microsoft Windows Affected Components.NET Framework Deployment Priority 2 Main Target Servers and workstations Possible Attack Vectors An attacker could host a website that contains an XAML Browser Application (XBAP) that is used to exploit this vulnerability. Compromised websites and websites that accept or host user- provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability.An attacker could host a website that contains an XAML Browser Application (XBAP) that is used to exploit this vulnerability. Compromised websites and websites that accept or host user- provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability. Impact of Attack An attacker who successfully exploited this vulnerability could obtain the same permissions as the currently logged-on user.An attacker who successfully exploited this vulnerability could obtain the same permissions as the currently logged-on user. Code Access Security (CAS) Bypass: An attacker could use this issue to bypass CAS restrictions.Code Access Security (CAS) Bypass: An attacker could use this issue to bypass CAS restrictions. Mitigating Factors An attacker would have no way to force users to visit a malicious website.An attacker would have no way to force users to visit a malicious website. By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration.By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration.Enhanced Security ConfigurationEnhanced Security Configuration Standard.NET Framework applications are not affected by this issue.Standard.NET Framework applications are not affected by this issue. Additional Information This bulletin applies to.NET Framework 4 and.NET Framework 4 Client Profile, and to users of the.NET Framework 3.5 and 4.5 Windows Consumer Preview software.This bulletin applies to.NET Framework 4 and.NET Framework 4 Client Profile, and to users of the.NET Framework 3.5 and 4.5 Windows Consumer Preview software.

10 Dial In Number 1-800-829-9747 Pin: 5453 MS12-039: Vulnerabilities in Lync Could Allow Remote Code Execution (2707956) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2011-3402Important3N/A Remote Code Execution Publicly Disclosed CVE-2012-0159Important3N/A Remote Code Execution Cooperatively Disclosed CVE-2012-1849Important1N/A Remote Code Execution Cooperatively Disclosed CVE-2012-1858Important33 Information Disclosure Cooperatively Disclosed Affected Products Microsoft Lync 2010, Microsoft Lync 2010 Attendee, Microsoft Lync 2010 Attendant (32- and 64-bit), Office Communicator 2007 R2 Affected Components Lync Deployment Priority 2 Main Target Workstations and Servers Possible Attack Vectors An attacker could create content containing a specially crafted TrueType font used to exploit this vulnerability. (CVE-2011-3402, CVE-2012- 0159)An attacker could create content containing a specially crafted TrueType font used to exploit this vulnerability. (CVE-2011-3402, CVE-2012- 0159) In an email attack scenario, an attacker could exploit the vulnerability by sending a legitimate Microsoft Office file to a user, and convincing the user to place the attachment into a directory containing a specially crafted DLL file and to open the legitimate file. (CVE-2012-1849)In an email attack scenario, an attacker could exploit the vulnerability by sending a legitimate Microsoft Office file to a user, and convincing the user to place the attachment into a directory containing a specially crafted DLL file and to open the legitimate file. (CVE-2012-1849) In a network attack scenario, an attacker could place a legitimate Office file and a specially crafted DLL in a network share, a UNC, or WebDAV location and then convince the user to open the file. (CVE-2012-1849)In a network attack scenario, an attacker could place a legitimate Office file and a specially crafted DLL in a network share, a UNC, or WebDAV location and then convince the user to open the file. (CVE-2012-1849) Impact of Attack An attacker successfully exploiting this issue could take control of an affected system. (CVE-2011-3402, CVE-2012-0159)An attacker successfully exploiting this issue could take control of an affected system. (CVE-2011-3402, CVE-2012-0159) An attacker successfully exploiting this issue could run arbitrary code in the context of the current user. (CVE-2012-1849)An attacker successfully exploiting this issue could run arbitrary code in the context of the current user. (CVE-2012-1849) An attacker successfully exploiting this issue could perform cross-site scripting attacks against Lync or Microsoft Communicator users. (CVE-2012-1858)An attacker successfully exploiting this issue could perform cross-site scripting attacks against Lync or Microsoft Communicator users. (CVE-2012-1858) Mitigating Factors Users whose accounts are configured to have fewer user rights on the system are less affected than users operating with administrative rights. (CVE-2011-3402)Users whose accounts are configured to have fewer user rights on the system are less affected than users operating with administrative rights. (CVE-2011-3402) The file sharing protocol, Server Message Block (SMB), is often disabled on the perimeter firewall. (CVE-2012-1849)The file sharing protocol, Server Message Block (SMB), is often disabled on the perimeter firewall. (CVE-2012-1849) For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file from this location that is then loaded by a vulnerable application. (CVE-2012-1849)For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file from this location that is then loaded by a vulnerable application. (CVE-2012-1849) Additional Information The update for Lync 2010 Attendee (user-level install) is available only via Download Center.The update for Lync 2010 Attendee (user-level install) is available only via Download Center. Though the vulnerability described in CVE-2011-3402 has previously been exploited in limited, targeted attacks, the vector used in those attacks was addressed in MS11-087, and we have detected no use of this vector in attacks.Though the vulnerability described in CVE-2011-3402 has previously been exploited in limited, targeted attacks, the vector used in those attacks was addressed in MS11-087, and we have detected no use of this vector in attacks. The vulnerability addressed by CVE-2012-1849 is related to the class of vulnerabilities described in Microsoft Security Advisory 2269637.The vulnerability addressed by CVE-2012-1849 is related to the class of vulnerabilities described in Microsoft Security Advisory 2269637.Microsoft Security Advisory 2269637Microsoft Security Advisory 2269637

11 Dial In Number 1-800-829-9747 Pin: 5453 MS12-040: Vulnerability in Microsoft Dynamics AX Enterprise Portal Could Allow Elevation of Privilege (2709100) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-0178Important1N/A Elevation of Privilege Cooperatively Disclosed Affected Products Microsoft Dynamics AX 2012 Enterprise Portal Affected Components Microsoft Dynamics AX Enterprise Portal Deployment Priority 2 Main Target Workstations connecting to a Microsoft Dynamics AX Enterprise Portal server Possible Attack Vectors An attacker could exploit the vulnerability hosting a web site with a malicious page and convincing a targeted user to click on the specially crafted URL.An attacker could exploit the vulnerability hosting a web site with a malicious page and convincing a targeted user to click on the specially crafted URL. Impact of Attack An attacker who successfully exploited this vulnerability could read content that the attacker is not authorized to read, use the victim's identity to take actions on the Microsoft Dynamics AX Enterprise Portal site on behalf of the victim, or inject malicious content in the browser of the victim. Mitigating Factors An attacker would have no way to force users to visit a malicious website.An attacker would have no way to force users to visit a malicious website. The vulnerability cannot be exploited automatically through email.The vulnerability cannot be exploited automatically through email. Internet Explorer 8 and Internet Explorer 9 users browsing to a Microsoft Dynamics AX Enterprise Portal site in the Internet Zone are at a reduced risk because, by default, the XSS Filter in Internet Explorer 8 and Internet Explorer 9 prevents this attack in the Internet Zone.Internet Explorer 8 and Internet Explorer 9 users browsing to a Microsoft Dynamics AX Enterprise Portal site in the Internet Zone are at a reduced risk because, by default, the XSS Filter in Internet Explorer 8 and Internet Explorer 9 prevents this attack in the Internet Zone. Additional Information Earlier versions of Microsoft Dynamics AX are not affected by this cross-site scripting issue.Earlier versions of Microsoft Dynamics AX are not affected by this cross-site scripting issue. This update is available via the Download Center and via theThis update is available via the Download Center and via the Microsoft Dynamics CustomerSource and Microsoft Dynamics PartnerSource websites.Microsoft Dynamics CustomerSourceMicrosoft Dynamics PartnerSource

12 Dial In Number 1-800-829-9747 Pin: 5453 MS12-041: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2709162) CVESeverity Exploitability Comment Cooperatively Disclosed Latest Software Older Versions CVE-2012-1864Important11 Elevation of Privilege Cooperatively Disclosed CVE-2012-1865Important11 Elevation of Privilege Cooperatively Disclosed CVE-2012-1866Important11 Elevation of Privilege Cooperatively Disclosed CVE-2012-1867Important11 Elevation of Privilege Cooperatively Disclosed CVE-2012-1868ImportantN/A1 Elevation of Privilege Cooperatively Disclosed Affected Products All versions of Microsoft Windows Affected Components Kernel-Mode Drivers Deployment Priority 3 Main Target Workstations Possible Attack Vectors An attacker who is able to log onto the targeted system could then run a specially crafted application that could exploit the vulnerability.An attacker who is able to log onto the targeted system could then run a specially crafted application that could exploit the vulnerability. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. Mitigating Factors An attacker would require both valid logon credentials and the ability to logon locally to the targeted machine.An attacker would require both valid logon credentials and the ability to logon locally to the targeted machine. Additional Information Installations using Server Core are affected.Installations using Server Core are affected.

13 Dial In Number 1-800-829-9747 Pin: 5453 MS12-042: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2711167) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-1515ImportantN/A1 Elevation of Privilege Publicly Disclosed CVE-2012-0217Important1N/A Elevation of Privilege Cooperatively Disclosed Affected Products Windows XP SP3, Windows Server 2003 SP2, Windows 7 x64, Windows 7 x64 SP1, Windows Server 2008 R2 x64, Windows Server 2008 R2 x64 SP1 Affected Components User Mode Scheduler (CVE-2012-0127) and BIOS ROM (CVE-2012-1515) Deployment Priority 3 Main Target Workstations Possible Attack Vectors To exploit this vulnerability, an attacker would have to log on to the system, then run a specially crafted application that could exploit the vulnerability and take complete control over the affected system.To exploit this vulnerability, an attacker would have to log on to the system, then run a specially crafted application that could exploit the vulnerability and take complete control over the affected system. Impact of Attack An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode and take complete control of an affected system.An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode and take complete control of an affected system. Mitigating Factors An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. Systems with AMD- or ARM-based CPUs are unaffected (CVE-2012-0217)Systems with AMD- or ARM-based CPUs are unaffected (CVE-2012-0217) Only affects Intel x64-based versions of Windows 7 and Windows Server 2008 R2 (CVE-2012-0217)Only affects Intel x64-based versions of Windows 7 and Windows Server 2008 R2 (CVE-2012-0217) Additional Information Windows Server 2008 R2 and 2008 R2 SP1 installations using Server Core are affected.Windows Server 2008 R2 and 2008 R2 SP1 installations using Server Core are affected. CVE-2012-1515 applies only to Windows XP and 2003, while CVE-2012-0217 applies only to Windows 7 and Server 2008 R2.CVE-2012-1515 applies only to Windows XP and 2003, while CVE-2012-0217 applies only to Windows 7 and Server 2008 R2.

14 Dial In Number 1-800-829-9747 Pin: 5453 Security Advisory 2719615: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution We are releasing a Security Advisory to address a vulnerability in Microsoft XML Core Services.We are releasing a Security Advisory to address a vulnerability in Microsoft XML Core Services. –The issue, if exploited, would permit remote code execution. –The Security Advisory describes the issue in greater detail and provides a no-reboot Fix it that blocks the vector in Internet Explorer. –We recommend that customers deploy EMET (the Enhanced Mitigation Experience Toolkit) for additional protection. This advisory affects all supported versions of Windows as well as Office 2003 and 2007 and Microsoft SQL.This advisory affects all supported versions of Windows as well as Office 2003 and 2007 and Microsoft SQL. Please see Security Advisory 2719615 for more information.Please see Security Advisory 2719615 for more information.Security Advisory 2719615Security Advisory 2719615

15 Dial In Number 1-800-829-9747 Pin: 5453 KB 2677070: Automatic Updater of Revoked Certificates Microsoft is improving the process by which customers interact with untrusted or compromised certificates and keys.Microsoft is improving the process by which customers interact with untrusted or compromised certificates and keys. –In the past, we issued CRLs – Certificate Revocation Lists – and customers would update their systems manually. –We are rolling out an automated process that will update Windows clients with no manual interaction on the part of customers. See KB 2677070 for more information KB 2677070KB 2677070 KB 2677070 makes this feature available to customers using Windows Vista SP2, Windows Server 2008 SP2, Windows 7, or Windows Server 2008 R2 SP1, and is included in Windows 8 Release Preview and the Windows Server 2012 Release Candidate.KB 2677070 makes this feature available to customers using Windows Vista SP2, Windows Server 2008 SP2, Windows 7, or Windows Server 2008 R2 SP1, and is included in Windows 8 Release Preview and the Windows Server 2012 Release Candidate. In August, we will release a change to how Windows manages certificates that have RSA keys of less than 1024 bits in length. We will treat all of these certificates as invalid, even if they are currently valid and signed by a trusted certificate authority.In August, we will release a change to how Windows manages certificates that have RSA keys of less than 1024 bits in length. We will treat all of these certificates as invalid, even if they are currently valid and signed by a trusted certificate authority.

16 Dial In Number 1-800-829-9747 Pin: 5453 Detection & Deployment ** Available via the Download Center and the Microsoft Dynamics Customer Source and Microsoft Dynamics Partner Source *** Except for Microsoft Lync 2010 Attendee (user-level install), which is available only via the Download Center.

17 Dial In Number 1-800-829-9747 Pin: 5453 Other Update Information

18 Dial In Number 1-800-829-9747 Pin: 5453 Windows Malicious Software Removal Tool (MSRT) During this release Microsoft will increase detection capability for the following families in the MSRT:During this release Microsoft will increase detection capability for the following families in the MSRT: –Win32/Cleaman: A malicious program lacking the ability to propagate on its own, Cleaman can perform a variety of actions on an infected machine as directed by a remote attacker. Win32/Cleaman: –Win32/Kuluoz: This trojan takes instruction from remote servers and is known in particular to download variants of Trojan:Win32/FakeSysdef, a fake security scanner. Win32/ Available as a priority update through Windows Update or Microsoft Update.Available as a priority update through Windows Update or Microsoft Update. Offered through WSUS 3.0 or as a download at: www.microsoft.com/malwareremove.Offered through WSUS 3.0 or as a download at: www.microsoft.com/malwareremove. www.microsoft.com/malwareremove

19 Dial In Number 1-800-829-9747 Pin: 5453 Resources Blogs Microsoft Security Response Center (MSRC) blog: www.blogs.technet.com/msrcMicrosoft Security Response Center (MSRC) blog: www.blogs.technet.com/msrc www.blogs.technet.com/msrc Security Research & Defense blog: http://blogs.technet.com/srdSecurity Research & Defense blog: http://blogs.technet.com/srd http://blogs.technet.com/srd Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/ http://blogs.technet.com/mmpc/ Twitter @MSFTSecResponse@MSFTSecResponse Security Centers Microsoft Security Home Page: www.microsoft.com/securityMicrosoft Security Home Page: www.microsoft.com/security www.microsoft.com/security TechNet Security Center: www.microsoft.com/technet/securityTechNet Security Center: www.microsoft.com/technet/security www.microsoft.com/technet/security MSDN Security Developer Center: http://msdn.microsoft.com/en- us/security/default.aspxMSDN Security Developer Center: http://msdn.microsoft.com/en- us/security/default.aspx http://msdn.microsoft.com/en- us/security/default.aspx http://msdn.microsoft.com/en- us/security/default.aspx Bulletins, Advisories, Notifications & Newsletters Security Bulletins Summary: www.microsoft.com/technet/security/bulletin/summ ary.mspxSecurity Bulletins Summary: www.microsoft.com/technet/security/bulletin/summ ary.mspx www.microsoft.com/technet/security/bulletin/summ ary.mspx www.microsoft.com/technet/security/bulletin/summ ary.mspx Security Bulletins Search: www.microsoft.com/technet/security/current.aspxSecurity Bulletins Search: www.microsoft.com/technet/security/current.aspx www.microsoft.com/technet/security/current.aspx Security Advisories: www.microsoft.com/technet/security/advisory/Security Advisories: www.microsoft.com/technet/security/advisory/ www.microsoft.com/technet/security/advisory/ Microsoft Technical Security Notifications: www.microsoft.com/technet/security/bulletin/notify. mspxMicrosoft Technical Security Notifications: www.microsoft.com/technet/security/bulletin/notify. mspx www.microsoft.com/technet/security/bulletin/notify. mspx www.microsoft.com/technet/security/bulletin/notify. mspx Microsoft Security Newsletter: www.microsoft.com/technet/security/secnewsMicrosoft Security Newsletter: www.microsoft.com/technet/security/secnews www.microsoft.com/technet/security/secnews Other Resources Update Management Process http://www.microsoft.com/technet/security/guidanc e/patchmanagement/secmod193.mspxUpdate Management Process http://www.microsoft.com/technet/security/guidanc e/patchmanagement/secmod193.mspx http://www.microsoft.com/technet/security/guidanc e/patchmanagement/secmod193.mspx http://www.microsoft.com/technet/security/guidanc e/patchmanagement/secmod193.mspx Microsoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/part ners.mspxMicrosoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/part ners.mspx http://www.microsoft.com/security/msrc/mapp/part ners.mspx http://www.microsoft.com/security/msrc/mapp/part ners.mspx

20 Dial In Number 1-800-829-9747 Pin: 5453 Questions and Answers Submit text questions using the “Ask” button.Submit text questions using the “Ask” button. Don’t forget to fill out the survey.Don’t forget to fill out the survey. A recording of this webcast will be available within 48 hours on the MSRC Blog: http://blogs.technet.com/msrcA recording of this webcast will be available within 48 hours on the MSRC Blog: http://blogs.technet.com/msrc http://blogs.technet.com/msrc Register for next month’s webcast at: http://microsoft.com/technet/security/current.aspxRegister for next month’s webcast at: http://microsoft.com/technet/security/current.aspx http://microsoft.com/technet/security/current.aspx

21 Dial In Number 1-800-829-9747 Pin: 5453

Download ppt "Dial In Number 1-800-829-9747 Pin: 5453 Information About Microsoft June 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft Corporation."

Similar presentations

Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft.

Dial In Number Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft.
1 Computer and Internet Security JCCAA Presentation 03/14/2009 Yu-Min (Phillip) Hsieh Sr. System Administrator Information Technology Rice University.

1 Computer and Internet Security JCCAA Presentation 03/14/2009 Yu-Min (Phillip) Hsieh Sr. System Administrator Information Technology Rice University.
Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.

Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.
Dial In Number 1-800-227-8104 Pin: 9049 Information About Microsoft April 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

Dial In Number Pin: 9049 Information About Microsoft April 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.
Configuring Windows Internet Explorer 7 Security Lesson 5.

Configuring Windows Internet Explorer 7 Security Lesson 5.
NETOP REMOTE CONTROL What’s new in version 9.5? DECEMBER 09 NETOP REMOTE CONTROL1.

NETOP REMOTE CONTROL What’s new in version 9.5? DECEMBER 09 NETOP REMOTE CONTROL1.
Information for Developers Windows XP Service Pack 2 Information for Developers.

Information for Developers Windows XP Service Pack 2 Information for Developers.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
Monthly Security Bulletin Briefing

Monthly Security Bulletin Briefing
Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.

Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.

Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Dial In Number 1-800-227-8104 Pin: 3879 Information About Microsoft May 2012 Security Bulletins Dustin Childs Sr. Security Program Manager Microsoft Corporation.

Dial In Number Pin: 3879 Information About Microsoft May 2012 Security Bulletins Dustin Childs Sr. Security Program Manager Microsoft Corporation.
Module 16: Software Maintenance Using Windows Server Update Services.

Module 16: Software Maintenance Using Windows Server Update Services.
Dial In Number 1-800-229-0449 Pin: 3750 Information About Microsoft August 2011 Security Bulletins Jonathan Ness Security Development Manager, MSRC Microsoft.

Dial In Number Pin: 3750 Information About Microsoft August 2011 Security Bulletins Jonathan Ness Security Development Manager, MSRC Microsoft.
Dial In Number 1-800-227-8104 PIN: 1056 Information About Microsoft December 2011 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

Dial In Number PIN: 1056 Information About Microsoft December 2011 Security Bulletins Jonathan Ness Security Development Manager Microsoft.
To receive our video stream in Live Meeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in Live Meeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.

2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.

Similar presentations

Ads by Google