March 2012 Patch Tuesday: 6 Bulletins, 7 Vulnerabilities
A total of six security bulletins will be released on Tuesday, the 13th of March by Microsoft as part of its Patch Tuesday program (patches are released every second Tuesday of the month). The aforementioned security bulletins will patch a total of seven vulnerabilities that plague the Windows operating system, the Microsoft Visual Studio integrated development environment, and the Microsoft Expression Design professional illustration vector and raster graphic design tool.
As usual, the bulletins will be rolled out at about 10AM PDT. Also as usual, Microsoft has posted an advance notification for the March 2012 Patch Tuesday. You can view the notification here. Right now it doesn’t include a lot of info, but once the six bulletins are rolled out, it will be updated to include more info.
Speaking about the six bulletins that will be released to the public on Tuesday, one is rated as critical (could lead to remote code execution), four are rated as important (could lead to denial of service, elevation of privilege, or remote code execution), and one is rated as moderate (could lead to denial of service).
The critical rating is the most severe rating Microsoft employs. And Microsoft employs the critical rating when it comes across a vulnerability whose exploitation could allow the propagation of an Internet worm without user action. Microsoft employs the important rating when it with a vulnerability whose exploitation could result in compromise of the confidentiality, integrity, or availability of user’s data, or of the integrity or availability of processing resources. And the moderate rating is used when a vulnerability’s exploitation is mitigated to a significant degree by factors such as default configuration, auditing, or difficulty of exploitation.
So to sum it up, as part of the March 2012 Patch Tuesday, Microsoft will release 6 security bulletins (only 1 is rated as critical) that will fix a total of 7 vulnerabilities (Windows, Visual Studio, Expression Design). An advance notification has been posted online here.
As usual, the bulletins will be rolled out at about 10AM PDT. Also as usual, Microsoft has posted an advance notification for the March 2012 Patch Tuesday. You can view the notification here. Right now it doesn’t include a lot of info, but once the six bulletins are rolled out, it will be updated to include more info.
Speaking about the six bulletins that will be released to the public on Tuesday, one is rated as critical (could lead to remote code execution), four are rated as important (could lead to denial of service, elevation of privilege, or remote code execution), and one is rated as moderate (could lead to denial of service).
The critical rating is the most severe rating Microsoft employs. And Microsoft employs the critical rating when it comes across a vulnerability whose exploitation could allow the propagation of an Internet worm without user action. Microsoft employs the important rating when it with a vulnerability whose exploitation could result in compromise of the confidentiality, integrity, or availability of user’s data, or of the integrity or availability of processing resources. And the moderate rating is used when a vulnerability’s exploitation is mitigated to a significant degree by factors such as default configuration, auditing, or difficulty of exploitation.
So to sum it up, as part of the March 2012 Patch Tuesday, Microsoft will release 6 security bulletins (only 1 is rated as critical) that will fix a total of 7 vulnerabilities (Windows, Visual Studio, Expression Design). An advance notification has been posted online here.
