Patch Tuesday Rolls Around With Six Bulletins
By on March 13th, 2012

It’s that time of the month again: Today is Patch Tuesday, the one Tuesday of the month where Microsoft releases a set of updates to fix nasty — or mild — security issues with its products, and The Next Web has blogged about the riveting, earth-shattering updates that this month has to offer, along with some shiny charts that Microsoft released to spice up this otherwise boring blog post.

Of the updates — six in all — one is rated as ‘moderate’, four ‘important’, and one ‘critical’. In order of least important to most, at a glance the updates address security issues with DirectWrite, DNS, the Kernel, Visual Studio, Expression Design, and RDP. What’s ‘critical’ about the RDP bug? The Microsoft Security Response Center blog elaborates:

MS12-020 (Windows): This bulletin addresses one Critical-class issue and one Moderate-class issue in Remote Desktop Protocol (RDP). Both issues were cooperatively disclosed to Microsoft and we know of no active exploitation in the wild. The Critical-class issue applies to a fairly specific subset of systems – those running RDP – and is less problematic for those systems with Network Level Authentication (NLA) enabled. That said, we strongly recommend that customers examine and prepare to apply this bulletin as soon as possible. The Critical-class issue could allow a would-be attacker to achieve remote code execution on a machine running RDP (a non-default configuration); if the machine does not have NLA enabled, the attacker would not require authentication for RCE access.

They’ve also included some shiny charts to visually present the fixes in a sleek, attractive manner. Here they are:

Tags: ,
Author: Paul Paliath Google Profile for Paul Paliath
I founded and regularly wrote blog posts on GeekSmack from 2008 until 2011, when I failed at running a blog. I now write about Microsoft for Techie-Buzz. When not writing blog posts, I'm usually found designing websites and learning how to code. You should follow me on Twitter here.

Paul Paliath has written and can be contacted at paul@techie-buzz.com.
 
Copyright 2006-2012 Techie Buzz. All Rights Reserved. Our content may not be reproduced on other websites. Content Delivery by MaxCDN