Microsoft Security Bulletin: January 2012 Release!

It’s that time again. Please see below the first security bulletin for the year.

What is the purpose of this alert?

This alert is to provide you with an overview of the new security bulletin(s) being released on January 10, 2012. Security bulletins are released monthly to resolve critical problem vulnerabilities.

New Security Bulletins

Microsoft is releasing the following seven new security bulletins for newly discovered vulnerabilities:

Bulletin ID	Bulletin Title	Max Severity Rating	Vulnerability Impact	Restart Requirement	Affected Software
MS12-001	Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615)	Important	Security Feature Bypass	Requires restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-002	Vulnerability in Windows Object Packager Could Allow Remote Code Execution (2603381)	Important	Remote Code Execution	May require restart	Microsoft Windows XP and Windows Server 2003.
MS12-003	Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2646524)	Important	Elevation of Privilege	Requires restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.
MS12-004	Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391)	Critical	Remote Code Execution	Requires restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-005	Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2584146)	Important	Remote Code Execution	May require restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-006	Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)	Important	Information Disclosure	Requires restart	Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
MS12-007	Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664)	Important	Information Disclosure	May require restart	Microsoft Developer Tools and Software
Note: The list of affected software in the summary table above is an abstract. To see the full list of affected components please visit the bulletin summary webpage at the link below and review the "Affected Software" section.

Summaries for new bulletin(s) may be found at http://technet.microsoft.com/security/bulletin/MS12-jan.

Microsoft Windows Malicious Software Removal Tool

Microsoft is releasing an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU), and the Download Center. Information on the Microsoft Windows Malicious Software Removal Tool is available at http://support.microsoft.com/?kbid=890830.

High Priority Non-Security Updates

High priority non-security updates Microsoft releases to be available on Microsoft Update (MU), Windows Update (WU), or Windows Server Update Services (WSUS) will be detailed in the KB article found at http://support.microsoft.com/?id=894199.

Jeffa

Technorati Tags: Security Bulletins,Updates,Patching

Jeff Alexander's Weblog

Microsoft Security Bulletin: January 2012 Release!

Products

Resources

Solutions

Downloads

Evals

Tools

TechNet Support

Microsoft Support