Internet Security Systems - AlertCon(TM)

July 2012 Microsoft Super Tuesday

Posted by Shane Garrett on July 10, 2012 at 11:33 AM EDT.

Microsoft released nine bulletins this July. Below are our thoughts on the three bulletins we thought the most relevant which were also rated critical by Microsoft. It is extremely important to apply the MS12-043 update as this vulnerability is seeing active exploitation.

  • MS12-043 : Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

    The Microsoft XML Core Services API contains a remote code execution vulnerability, CVE-2012-1889, that has seen active exploitation and is publicly available. The vulnerability is due to the utilization of unitialized data when using the getDefinition API. The current exploitation for this is via malicious JavaScript in a web-page that utilizes an ActiveX control from this library. Due to the severity of the issue Microsoft released a Fix-It solution for vulnerability in June. Everyone should apply this update.


  • MS12-045 : Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution

    This bulletin addresses a vulnerability, CVE-2012-1891,, in the Microsoft Data Access Components. This vulnerability in the use of uninitialized data can be exploited for remote code execution. Exploit script code can be placed into a web-page, allowing for attacker supplied code to be run when rendering a malicious site. This update should be definitely be applied.


  • MS12-044 : Cumulative Security Update for Internet Explorer

    This bulletin addresses two vulnerabilities in Internet Explorer, both of which could be exploited to gain remote code access. Both of these are related to dynamic manipulation of DOM. Though not publicly disclosed, these vulnerabilities could be reverse engineered and imbedded into web-pages. This and any critically rated remote code execution bugs in Internet Explorer should be patched quickly.


Comments or opinions expressed on this Weblog are the opinions of the authors alone. They are not necessarily reviewed in advance by anyone but the individual authors, and neither IBM Internet Security Systems nor any other party necessarily agrees with them. The views expressed by outside contributors and links to outside websites do not represent the views of IBM Internet Security Systems, its management or employees. All content on this Weblog has been made available on an “as-is” basis, and IBM Internet Security Systems shall not be liable for any direct or indirect damages arising out of use of this Weblog.