-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Reference: CERT-EU Security Advisory 2012-0112 Title: Microsoft Security Updates Version history: 12.09.2012 Initial publication CERT-EU has received notification from Microsoft on a number of new security updates which have been released on the 12 September 2012. This advisory is intended to help you plan for the deployment of these security updates more effectively. Please note that the list of affected software shown below is an abstract. The full list of affected components can be found at http://technet.microsoft.com/security/bulletin/MS12-sep. Microsof's security content posted to the web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft's web-based security content, the information in Microsoft's web-based security content is authoritative. ================================== NEW SECURITY BULLETINS ================================== Bulletin ID: MS12-061 Bulletin Title: Vulnerability in Visual Studio Team Foundation Server Could Allow Elevation of Privilege (2719584) Max Severity Rating: Important Vulnerability Impact: Elevation of Privilege Restart Requirement: No restart required Affected Software: Microsoft Visual Studio Team Foundation Server 2010 ================================= Bulletin ID: MS12-062 Bulletin Title: Vulnerability in System Center Configuration Manager Could Allow Elevation of Privilege (2741528) Max Severity Rating: Important Vulnerability Impact: Elevation of Privilege Restart Requirement: No restart required Affected Software: Microsoft Systems Management Server 2003 and Microsoft System Center Configuration Manager 2007. ================================== THE MALICIOUS SOFTWARE REMOVAL TOOL ================================== Microsoft is releasing an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU), and the Download Center. Information on the Microsoft Windows Malicious Software Removal Tool is available here: http://support.microsoft.com/?kbid=890830. ================================== NEW SECURITY ADVISORY ================================== Microsoft published one new security advisory on September 11, 2012. Here is an overview of this new security advisory: Security Advisory 2736233 - Update Rollup for ActiveX Kill Bits Affected Software: - - Microsoft Windows XP - - Windows Server 2003 - - Windows Vista - - Windows Server 2008 - - Windows 7 - - Windows Server 2008 R2 Executive Summary: - - With this advisory, Microsoft is releasing an update rollup of ActiveX kill bits that contains new kill bits and all kill bits previously released. - - This update sets the kill bits for the following third-party software: o Cisco Secure Desktop o Cisco Hostscan o Cisco AnyConnect Secure Mobility Client More Information: http://technet.microsoft.com/security/advisory/2736233 Best Regards, CERT-EU (http://cert.europa.eu) Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu PGP KeyID 0x46AC4383 FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383 Privacy Statement: http://cert.europa.eu/cert/plainedition/en/cert_privacy.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBAgAGBQJQUZIqAAoJEPpzpNLI8SVoV50QALy11h0AK4T/PEht3s6n2HwU 3SEk40hSsSadJUNe2lzsoxu6wXqAulNeHR9RNCkqbbibJj8XCPBLyokA5kptPoxS E1/nLJurJfHnuJRdWw0NXlo58928RVFtNY3AyJFK5FfM7pMbVEiw4KpDBQ7TdVay cMzs64EfOp5A94UWOTcvpeV5M+/v6jBn+RCaqyqgPYF5EcKpO3dmUpD5TXIFtAhF 9118LZe7WXPF2/3iN04Kyb3D70n5QLt0R0BVwrvI/Xbwvu/gySaZ49rD6uw78KCy AXWdqvRdo5uofNhTU6d+F0ydZzGiMBpPbYK87vXL7Yu/JtaSP4fVgvHr7wouRw8i e6QBnNyI/ZP1oO25HGig60fSEQMyxK26fd9zfpe86ZqcsW6KjHAYF9ryZVucfihQ Y12tOFKYgzR0R/n/3LhEEk/ch5VK12vGl6Zwn+yZJ4AmgoiXysaYZGNbEfYYM9jt DAKGVa9Tpb7XANNKzKjaKTXYKsbm3lGCVaZiNCSq5X4hTqYtqtfhwRE079RrZbym 8lo79qdFNoWX/5r4MiERrz5TpfBzigu2KM0WGEAL88tqiqlmMWfYQ7tvQZm4mbkC EZuFr66dwgL2m/UX/ZUOMhutefEVBJlUmeL7LkNnPZpuLmJ5etuFo9zjITDRNOyZ hpY6rkZPtWFi1hdI9mI7 =VlJe -----END PGP SIGNATURE-----