Security Advisory - April 10, 2012

Zscaler Protects Against Microsoft’s Latest Patch Cycle

Zscaler, working with Microsoft through its MAPP program, has proactively deployed protections for the following web-based, client-side vulnerabilities included in the April 2012 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the April release and deploy additional protections as necessary.

MS12-023 – Cumulative Security Update for Internet Explorer (2675157)

Severity: Critical
Affected Software

  • Internet Explorer 6
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9

CVE-2012-0170 - OnReadyStateChange Remote Code Execution Vulnerability

Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted.

CVE-2012-0171 - SelectAll Remote Code Execution Vulnerability

Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted.

CVE-2012-0172 - VML Style Remote Code Execution Vulnerability

Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted.

MS12-024 – Vulnerability in Windows Could Allow Remote Code Execution (2653956)

Severity: Critical
Affected Software

  • Windows XP
  • Windows 2003 Server
  • Windows Vista
  • Windows 2008 Server
  • Windows 7

CVE-2012-0151 - WinVerifyTrust Signature Validation Vulnerability

Description: A remote code execution vulnerability exists in the Windows Authenticode Signature Verification function used for portable executable (PE) files.

MS12-027 – Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)

Severity: Critical
Affected Software

  • Microsoft Office 2003
  • Microsoft Office 2007
  • Microsoft Office 2010
  • Microsoft SQL Server 2000
  • Microsoft SQL Server 2005
  • Microsoft SQL Server 2008
  • Microsoft BizTalk Server 2002
  • Microsoft Commerce Server
  • Microsoft Visual FoxPro 8
  • Microsoft Visual FoxPro 9
  • Visual Basic 6.0 Runtime

CVE-2012-0158 - MSCOMCTL.OCX RCE Vulnerability

Description: A remote code execution vulnerability exists in the Windows common controls. An attacker could exploit the vulnerability by constructing a specially crafted Web page.

MS12-028 – Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185)

Severity: Important
Affected Software

  • Microsoft Office 2007
  • Microsoft Works 9
  • Microsoft Works 6-9 File Converter

CVE-2012-0177 - Office WPS Converter Heap Overflow Vulnerability

Description: A remote code execution vulnerability exists in Microsoft Office Works File Converter.