Over 15 vulnerabilities resolved with the new set of updates

Aug 16, 2012 11:30 GMT  ·  By

On Tuesday, Microsoft made available for download the August 2012 set of security updates for its products, meant to resolve a series of vulnerabilities that have been found to affect Windows, Internet Explorer, Office and other software.

As mentioned last week, the Redmond-based software giant included nine security bulletins in this month’s update, five of them rated Critical.

The first of them, bulletin MS12-052, comes as a cumulative security update for Internet Explorer and is meant to resolve no less than four security issues in the application. The most severe of these could allow for remote code execution.

The second Critical-rated bulletin, MS12-053, resolves a privately reported vulnerability in the Remote Desktop Protocol which could allow for remote code execution as well.

Bulletin MS12-054 was meant to patch four privately reported vulnerabilities in Microsoft Windows. They affect the platform’s Networking Components and could result in remote code execution.

The fourth bulletin, MS12-060, resolves a privately reported security hole in Windows common controls. The issue could allow remote code execution if the user visits a website that contains the content specifically crafted to exploit the vulnerability.

Also Critical, the fifth bulletin, MS12-058, resolves publicly disclosed vulnerabilities in Microsoft Exchange Server WebReady Document Viewing that could allow remote code execution when the user previews a specially crafted file using Outlook Web App (OWA).

Rated Important, the sixth bulletin, MS12-055, patches an issue in Windows Kernel-Mode Drivers that could allow elevation of privilege if the attacker logs on the system and runs a specific application.

Also included in this month’s security update is bulletin MS12-056, rendered Important, meant to address a vulnerability in the JScript and VBScript scripting engines on 64-bit versions of Microsoft Windows.

The last two bulletins, MS12-057 and MS12-059, resolve issues found in Microsoft Office. The second of them affects Microsoft Visio. Both of them are rated Important and both could allow remote code execution.

Users of Windows XP, Windows Vista, Windows 7, Windows Server 2003, Windows Server 2008 and Windows Server 2008 R2 are advised to apply these updates as soon as possible.

Users with the Windows Update feature turned on will receive the new security patches automatically, without the need to take additional action. Those without will have to perform the update manually.