Global leaders are coming to Zenith Live. Are you? Learn More
Global leaders are coming to Zenith Live. Are you?
Learn More

 

Security Advisory - August 14, 2012

Zscaler Protects Against Latest Microsoft’s Patch Cycle

 

 

Zscaler, working with Microsoft through their MAPPs program has proactively deployed protections for the following seven web based, client-side vulnerabilities included in the June 2012 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the June release and deploy additional protections as necessary.

MS12-052 – Cumulative Security Update for Internet Explorer (2722913)

Severity: Critical
Affected Software

  • Internet Explorer 6
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9

CVE-2012-1526 - Layout Memory Corruption Vulnerability

Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted.

CVE-2012-2521 - Asynchronous NULL Object Access Remote Code Execution Vulnerability

Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted.

CVE-2012-2522 - Virtual Function Table Corruption Remote Code Execution Vulnerability

Description: A remote code execution vulnerability exists in the way that Internet Explorer accesses a corrupted virtual function table that has been deleted.

CVE-2012-2523 - JavaScript Integer Overflow Remote Code Execution Vulnerability

Description: A remote code execution vulnerability exists in the way that Internet Explorer calculates the size of an object in memory during a copy operation.

MS12-060 – Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2720573)

Severity: Critical
Affected Software

  • Microsoft Office 2003
  • Microsoft Office 2007
  • Microsoft Office 2010
  • Microsoft SQL Server 2000
  • Microsoft SQL Server 2005
  • Microsoft SQL Server 2008

CVE-2012-1856 - MSCOMCTL.OCX RCE Vulnerability

Description: A remote code execution vulnerability exists in the Windows common controls.

MS12-056 – Vulnerability in JScript and VBScript Engines Could Allow Remote Code Execution (2706045)

Severity: Important
Affected Software

  • Windows XP
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7

CVE-2012-2523 - JavaScript Integer Overflow Remote Code Execution Vulnerability

Description: A remote code execution vulnerability exists in the way that the JScript and VBScript engines calculate the size of an object in memory during a copy operation.

MS12-059 – Vulnerability in Microsoft Visio Could Allow Remote Code Execution (2733918)

Severity: Important
Affected Software

  • Microsoft Visio 2010
  • Microsoft Visio Viewer 2010

CVE-2012-1888 - Visio DXF File Format Buffer Overflow Vulnerability

Description: This is a remote code execution vulnerability.