Zscaler Security Advisories

Security Advisory - May 08, 2012

Zscaler Protects Against Microsoft’s Latest Patch Cycle

Zscaler, working with Microsoft through its MAPP program, has proactively deployed protections for the following web-based, client-side vulnerabilities included in the May 2012 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the May release and deploy additional protections as necessary.

MS12-029 – Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352)

Severity: Critical
Affected Software

  • Microsoft Word 2003
  • Microsoft Word 2007
  • Microsoft Office 2008 for Mac
  • Microsoft Office for Mac 2011

CVE-2012-0183 - RTF Mismatch Vulnerability

Description: A remote code execution vulnerability exists in the way that affected Microsoft Office software parses specially crafted Rich Text Format (RTF) data.

MS12-030 – Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2663830)

Severity: Important
Affected Software

  • Microsoft Office 2003
  • Microsoft Office 2007
  • Microsoft Office 2010
  • Microsoft Office 2008 for Mac
  • Microsoft Office for Mac 2011

CVE-2012-0141 - Excel File Format Memory Corruption Vulnerability

CVE-2012-0142 - Excel File Format Memory Corruption in OBJECTLINK Record Vulnerability

CVE-2012-0143 - Excel Memory Corruption Using Various Modified Bytes Vulnerability

CVE-2012-0184 - Excel SXLI Record Memory Corruption Vulnerability

CVE-2012-0185 - Excel MergeCells Record Heap Overflow Vulnerability

CVE-2012-1847 - Excel Series Record Parsing Type Mismatch Could Result in Remote Code Execution Vulnerability

Description: A remote code execution vulnerability exists in the way that Microsoft Excel handles specially crafted Excel files.

MS12-031 – Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2597981)

Severity: Critical
Affected Software

  • Microsoft Visio Viewer 2010

CVE-2012-0018 - VSD File Format Memory Corruption Vulnerability

Description: A remote code execution vulnerability exists in the way that Microsoft Visio validates attributes when handling specially crafted Visio files.

MS12-034 – Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352)

Severity: Critical
Affected Software

  • Windows XP
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Microsoft Office 2003
  • Microsoft Office 2007
  • Microsoft Office 2010
  • Microsoft Silverlight 4
  • Microsoft Silverlight 5

CVE-2012-0165 - GDI+ Record Type Vulnerability

Description: A remote code execution vulnerability exists in the way that GDI+ handles validation of specially crafted EMF images.

CVE-2012-0167 - GDI+ Heap Overflow Vulnerability

Description: A remote code execution vulnerability exists in the way that the Office GDI+ library handles validation of specially crafted EMF images embedded within an Office document.

CVE-2012-0159 - TrueType Font Parsing Vulnerability

Description: A remote code execution vulnerability exists in the way that affected components handle a specially crafted TrueType font file.

CVE-2011-3402 - TrueType Font Parsing Vulnerability

Description: A remote code execution vulnerability exists in the way that affected components handle a specially crafted TrueType font file.

MS12-035 – Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777)

Severity: Critical
Affected Software

  • Windows XP
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7

CVE-2012-0161 - .NET Framework Serialization Vulnerability

Description: A remote code execution vulnerability exists in the Microsoft .NET Framework due to the improper serialization of untrusted input through partially trusted assemblies.