Global leaders are coming to Zenith Live. Are you? Learn More
Global leaders are coming to Zenith Live. Are you?
Learn More

 

Security Advisory - September 11, 2012

Zscaler Protects Against Latest Microsoft’s Patch Cycle

 

 

Zscaler, working with Microsoft through their MAPPs program has proactively deployed protections for the following web based, client-side vulnerability included in the September 2012 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the September release and deploy additional protections as necessary.

MS12-061 – Vulnerability in Visual Studio Team Foundation Server Could Allow Elevation of Privileges (2719584)

Severity: Important
Affected Software

  • Microsoft Visual Studio Team Foundation Server 2010

CVE-2012-1892 - XSS Vulnerability

Description: A reflected cross-site scripting (XSS) vulnerability exists in Visual Studio Team Foundation Server that could allow an attacker to inject a client-side script into the user’s browser.

MS12-062 – Vulnerability in System Center Configuration Manager Could Allow Elevation of Privilege (2741528)

Severity: Important
Affected Software

  • Microsoft Systems Management Server 2003
  • Microsoft System Center Configuration Manager 2007

CVE-2012-2536 - Reflected XSS Vulnerability

Description: A XSS vulnerability exists in System Center Configuration Manager where code can be injected back to the user in the resulting page, effectively allowing attacker-controlled code to run in the context of the user clicking the link.