Windows 7 Forums Search
Register | Today's Posts | Tutorials | Vista Forum | Windows 8 Forum | Search
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows 7. The Windows 7 forum also covers news and updates and has an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Go Back Windows 7 Forums > Windows 7 help and support > Windows Updates & Activation »

Windows 7 - Microsoft's 2012 kick-off features 7 security bulletins

 
01-07-2012   #1
JMH


Win 7 Ultimate 64-bit. SP1.
9,222 posts
 
 

Microsoft's 2012 kick-off features 7 security bulletins
Quote:
Microsoft plans to start 2012 with a surprisingly large Patch Tuesday that covers seven security bulletins which collectively address eight separate vulnerabilities. Previous January releases have normally featured only one or two bulletins.

The solitary critical bulletin in the batch fixes a remote code execution issue in Media Player. The remaining six "important" bulletins due next Tuesday handle the BEAST SSL issue and various information disclosure bugs, escalation of privilege issues and an update to Microsoft’s SEHOP (Structured Exception Handler Overwrite Protection) technology to enhance the defence-in-depth capability that it can offers to legacy applications. The "important" rather than critical status for the Beast SSL issue is at least debatable.
http://www.theregister.co.uk/2012/01...lert_jan_2012/

January 2012 Patch Tuesday Preview - The Laws of Vulnerabilities

Microsoft Security Bulletin Advance Notification for January 2012

My System SpecsSystem Spec
01-07-2012   #2


Windows Server 2008 R2
2,177 posts
 
 

The SSL vuln patch is labeled as "important" because mitigation is as easy as using an RC4 cipher rather than a CBC one, and if FIPS is required, migration to using TLS v1.1 or v1.2 mitigates it as well. TLSv1.1 was RFC'ed in 2006, and Microsoft's IIS7 (Server 2008) and Vista/Windows 7 support TLS v1.1 or v1.2. While the vulnerability itself is fairly critical, mitigation is fairly easy and attacks aren't seen as prevalent yet, and as such Microsoft deems that type of issue "important".
My System SpecsSystem Spec
Reply

 Microsoft's 2012 kick-off features 7 security bulletins problems?



« Service Pack 1 (Windows 7 Ultimate 64bit) Not Showing Up | How to remove the windows 7 update icon from tray? »
Thread Tools



Similar Threads for: Microsoft's 2012 kick-off features 7 security bulletins
Thread Forum
Microsoft Security Bulletin Advance Notification for February 2012 Windows Updates & Activation
Microsoft Security Bulletin for January 10 2012 Windows Updates & Activation
Additional Fixes in Microsoft Security Bulletins Security News
Microsoft Security Bulletins and Advisories will be moving Security News
Microsoft Released 106 Security Bulletins in 2010 Security News


All times are GMT -5. The time now is 03:32 AM.

Windows 8 Forums - - Contact Us - Windows 7 Forums - Legal - Privacy and cookies - Top


Windows 7 Forums is an independent web site and has not been authorized,
sponsored, or otherwise approved by Microsoft Corporation.
"Windows 7" and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30