McAfee Labs Security Advisory: MTIS12-193

Version 2

    EXECUTIVE SUMMARY

     

    December 11, 2012 | MTIS12-193

     

    Since the last McAfee® Labs Security Advisory (December 10), the following noteworthy events have taken place:

    • Patches are now available for the following vulnerabilities:
      • (MS12-077) Microsoft Internet Explorer InjectHTMLStream User After Free Remote Code Execution (2761465)
      • (MS12-077) Microsoft Internet ExplorerCMarkup User After Free Remote Code Execution (2761465)
      • (MS12-077) Microsoft Internet Explorer Improper Ref Counting User After Free Remote Code Execution (2761465)
      • (MS12-078) Microsoft Windows Open Type Font Parsing Remote Code Execution (2783534)
      • (MS12-078) Microsoft Windows True Type Font Parsing Remote Code Execution (2783534)
      • (MS12-079) Microsoft Word Listoverridecount Remote Code Execution (2780642)
      • (MS12-080) Microsoft Exchange Server Oracle Outside In Remote Code Execution I (2784126)
      • (MS12-080) Microsoft Exchange Server Oracle Outside In Remote Code Execution II (2784126)
      • (MS12-080) Microsoft Exchange RSS Feed Handling Denial Of Service (2784126)
      • (MS12-081) Microsoft Windows Filename Parsing Remote Code Execution (2758857)
      • (MS12-082) Microsoft DirectX DirectPlay Heap Overflow Remote Code Execution (2770660)
      • (MS12-083) Microsoft Windows IPHTTPS Revoked Certificate Security Bypass (2765809)