Microsoft releases 6 vulnerabilities in 3 months to fix multiple high-risk vulnerabilities

Source: Internet
Author: User
Keywords Microsoft Golden Hill Guardian
Tags bulletin code computer design desktop development tools dns dns server

Absrtact: In the early hours of March 14, Microsoft released 3 months of 6 patches, repair Win7, XP, Vista and other mainstream systems, a number of high-risk vulnerabilities, one of the vulnerabilities can lead to the use of remote code execution defects intrusion user computers steal privacy. At present, Golden Hill Guardian has the first time to

In the early hours of March 14, Microsoft released 6 patches in 3 months, fixing multiple high-risk vulnerabilities in mainstream systems such as WIN7, XP and Vista, one of which could lead to the use of remote code execution bugs to invade users ' computers and steal privacy. At present, Jinshan Guardian has been the first time to push users to the March system security patches.

According to Microsoft's March security bulletin, one of the 6 patches released this month is the most dangerous "severity level" patch that fixes remote code execution vulnerabilities for Remote Desktop Connection protocol files (. rdp) in Windows. RDP files are more Remote Desktop settings saved by your system administrator to remotely administer your computer. Once a user double-clicks on a hacker using a system-created RDP file, it can cause the computer to be hacked, personal data stolen, and so on.

It is worth mentioning that this month's patch also affects software developers, and the newly disclosed software development tools Visual Studio and expression Design have elevated privileges and remote code execution vulnerabilities have been fixed in this patch. Jinshan Security Center reminds software developers to fix vulnerabilities as soon as possible, to avoid being attacked by development tools and indirectly hurting end users.

It is understood that the current mainstream PC operating system in the affected areas, Windows7, XP, Vista without exception, and the latest release of the Windows 8 Consumer preview version is not affected.

But this month's security patch did not fix the Vupen team's breach of Windows7 SP1 's IE 0day Vulnerability in the PWN20WN hacker race, and Chaouki Bekrar, the team leader, said the IE9 0day vulnerabilities they exploited were fully used to IE6 browsers.

Vulnerabilities have always been an important source of hacker attacks, the timely repair of patches, will be exempted from the pain of malicious attacks. At present, Golden Hill defender has begun to push the patch this month, please see the prompts, click "One key Repair" can quickly fill the loophole.

Attached: Microsoft March Patch Information

1. A denial of service vulnerability may be allowed in the DNS server

Safety Bulletin: ms12-017;

KB number: KB22647170;

Level: important;

Description: This security update resolves a privately reported vulnerability in Microsoft Windows. If an unauthenticated remote attacker sends a specially crafted DNS query to the destination DNS server, the vulnerability could allow denial of service.

Impact System: Windows 2003/windows 2008

2. A privilege elevation vulnerability may be allowed in Windows kernel-mode drivers

Safety Bulletin: ms12-018;

KB number: KB2641653;

Level: important;

Description: This security update resolves a privately reported vulnerability in Microsoft Windows. If an attacker logs on to the system and runs a specially crafted application that exploits the vulnerability, it may result in the control of the entire computer system.

Impact System: Windows xp/windows 2003/windows vista/windows 2008/windows 7

3. Possible denial of service vulnerabilities in Directwrite

Safety Bulletin: ms12-019;

KB number: KB2665364;

Level: Medium;

Description: This security update resolves a publicly disclosed Windows Directwrite vulnerability. If an attacker sends specially crafted content to the Instant Messenger client. When Directwrite renders a specially crafted Unicode character sequence, the target application may become unresponsive.

Impact System: Windows vista/windows 2008/windows 7

4, Remote Desktop may allow Remote Code execution vulnerability

Safety Bulletin: ms12-020;

KB number: KB2671387;

Level: serious;

Description: This security update resolves two high-risk vulnerabilities reported in secret. If an attacker sends carefully constructed content to a system that is affected, it could cause the attacker's malicious program to run. By default, Remote Desktop Protocol (RDP) is not enabled on the Windows operating system. There is no risk that the system has not enabled RDP.

Impact System: Windows xp/windows 2003/windows vista/windows 2008/windows 7

5. Vulnerabilities that may allow elevation of privilege in Visual Studio

Safety Bulletin: ms12-021;

KB number: KB2651019;

Level: important;

Description: This security update resolves a privately reported vulnerability in Visual Studio. This vulnerability could allow elevation of privilege if an attacker placed a specially crafted path for a user who started Visual Studio and was persuaded to have higher permissions. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited by remote anonymous users.

Impact System: Visual Studio 2010/windows 2008

6. Expression design may allow Remote code execution vulnerabilities

Safety Bulletin: ms12-021;

KB number: KB2651019;

Level: important;

Description: This security update resolves a privately reported vulnerability. The vulnerability could allow remote code execution if a user opens a legitimate file such as. xpr or design files, and a specially-crafted dynamic-link library (DLL) file is located in the same network directory, an attempt is made to load the DLL file and execute any code contained therein.

Impact Software: Microsoft Expression design/microsoft Expression design sp1/microsoft Expression design 2/microsoft Expression Design 3/microsoft Expression Design4

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.