-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Reference: CERT-EU Security Advisory 2012-0062 Title: Microsft Security Updates Version history: 10.05.2012 Initial publication CERT-EU has received notification from Microsoft on a number of new security updates which have been released on the 8 May 2012. This advisory is intended to help you plan for the deployment of these security updates more effectively. Please note that the list of affected software shown below is an abstract. The full list of affected components can be found at http://technet.microsoft.com/security/bulletin/MS12-may. Microsoft’s security content posted to the web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s web-based security content, the information in Microsoft’s web-based security content is authoritative. - ---------------------------- Bulletin ID: MS12-029 Bulletin Title: Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352) Max Severity Rating: Critical Vulnerability Impact: Remote Code Execution Restart Requirement: May require restart Affected Software: Microsoft Word, Office for Mac 2011. - ---------------------------- Bulletin ID: MS12-030 Bulletin Title: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2663830) Max Severity Rating: Important Vulnerability Impact: Remote Code Execution Restart Requirement: May require restart Affected Software: Microsoft Excel, Office, Office for Mac. - ---------------------------- Bulletin ID: MS12-031 Bulletin Title: Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2597981) Max Severity Rating: Important Vulnerability Impact: Remote Code Execution Restart Requirement: May require restart Affected Software: Microsoft Visio Viewer 2010 - ---------------------------- Bulletin ID: MS12-032 Bulletin Title: Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338) Max Severity Rating: Important Vulnerability Impact: Elevation of Privilege Restart Requirement: Requires restart Affected Software: Microsoft Windows - ---------------------------- Bulletin ID: MS12-033 Bulletin Title: Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege (2690533) Max Severity Rating: Important Vulnerability Impact: Elevation of Privilege Restart Requirement: Requires restart Affected Software: Microsoft Windows - ---------------------------- Bulletin ID: MS12-034 Bulletin Title: Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578) Max Severity Rating: Critical Vulnerability Impact: Remote Code Execution Restart Requirement: May require restart Affected Software: Microsoft Office, .NET Framework, Windows, Silverlight. - ---------------------------- Bulletin ID: MS12-035 Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777) Max Severity Rating: Critical Vulnerability Impact: Remote Code Execution Restart Requirement: May require restart Affected Software: Microsoft .NET Framework, Windows ================================== NEW SECURITY ADVISORY ================================== Microsoft published one new security advisory on May 08, 2012. Here is an overview of this new security advisory: Security Advisory 2695962 Advisory Title: Update Rollup for ActiveX Kill Bits Affected Software: Microsoft Windows More Information: http://technet.microsoft.com/security/advisory/2695962 Microsoft’s security content posted to the web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information in this announcement and the information in Microsoft’s web-based security content, the information in Microsoft’s web-based security content is authoritative. Best Regards, CERT-EU CERT-EU Pre-configuration Team (http://cert.europa.eu) Phone: +32.2.2990005 | e-mail: cert-eu@ec.europa.eu PGP KeyID 0x46AC4383 FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383 DISCLAIMER: CERT-EU, the CERT for the EU institutions, is currently in its setup phase, until May 2012. Services are provided in a pilot fashion, and are not yet fully functional. Announcements, alerts and warnings are sent out in best effort manner, and to contact information currently known to us. We apologise if you are not the correct recipient, or if you had already been warned about this issue from another source . Format, content and way of alerting are subject to change in the future. Contact information or even the team name may change as well. Data Protection: CERT-EU complies with EU Regulation 45/2001 with regards to personal data protection. Our privacy statement is published here http://cert.europa.eu/cert/plainedition/en/cert_privacy.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBAgAGBQJPq6eZAAoJEPpzpNLI8SVofbQP/04SQNQwjCSsoL3Z3zqiAVFa ABsMjWSFghItzRxbStUHDl4XLiM8pLYuoPtm4R78UY3g0xRYDDto1RoR64ectnOO cMG6rK8uSsfV2rTICQFH30KvZlxJFU+NDo2Ru71xLKrMFsKYnEsLNIbh4kJqx8T1 GkzUh9mzaj/H8xx33qktTO8hgSrj4lgTD0/TtTeagx4z9MMcO16Hzxm1075YWkmp ygG2Rtes4VBkjHF9Bw/8MKmZEMdglZD6xyVfnOa63tiS4Bq/SBGPqaIHDuyQBT0u KB3K6uOY8M0RVZ0v19/O7quZTB/Jjc1Geu9vPkjp2UYf+OgFxfd20ZWDRj5GeYWu oExkanFn+dKYCREldJFVvnNrmwKxgB+OWBgvK4591f6XoU2kAsMdCPNIaOKLyZ5V 6sR3b3VyyqL8NPxEtdoPKchMyErKJSCkZuyJmfwOy6dx4OJ3H5wQMFfEo2MssLA7 1XpOVa+ZcHPNl0wsmsK87z4GaptZOVTfRWRS8SoxH27kr1tTrHks23xil8JWyDAT g9Ksd/hVAuLGSK+tgQKgYk8LcDtk53FIrUNvoLuz+4DoGlFSPVkn8tq0JSK9B+MG s7EQWAffVahW5SAqOu2pJFEt3oY5roz+3o3lYA6tNkEjgdaF2P2M0NkydOPFq+VR 9eacFuo/3eS4uvrQ2gF/ =a7lP -----END PGP SIGNATURE-----