Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Microsoft's 2012 kick-off features 7 security bulletins

07 Jan 2012   #1
JMH

Win 7 Ultimate 64-bit. SP1.
 
 
Microsoft's 2012 kick-off features 7 security bulletins

Quote:
Microsoft plans to start 2012 with a surprisingly large Patch Tuesday that covers seven security bulletins which collectively address eight separate vulnerabilities. Previous January releases have normally featured only one or two bulletins.

The solitary critical bulletin in the batch fixes a remote code execution issue in Media Player. The remaining six "important" bulletins due next Tuesday handle the BEAST SSL issue and various information disclosure bugs, escalation of privilege issues and an update to Microsoft’s SEHOP (Structured Exception Handler Overwrite Protection) technology to enhance the defence-in-depth capability that it can offers to legacy applications. The "important" rather than critical status for the Beast SSL issue is at least debatable.
http://www.theregister.co.uk/2012/01...lert_jan_2012/

January 2012 Patch Tuesday Preview - The Laws of Vulnerabilities

Microsoft Security Bulletin Advance Notification for January 2012


My System SpecsSystem Spec
.
07 Jan 2012   #2
cluberti

Windows 10 Pro x64
 
 

The SSL vuln patch is labeled as "important" because mitigation is as easy as using an RC4 cipher rather than a CBC one, and if FIPS is required, migration to using TLS v1.1 or v1.2 mitigates it as well. TLSv1.1 was RFC'ed in 2006, and Microsoft's IIS7 (Server 2008) and Vista/Win7 support TLS v1.1 or v1.2. While the vulnerability itself is fairly critical, mitigation is fairly easy and attacks aren't seen as prevalent yet, and as such Microsoft deems that type of issue "important".
My System SpecsSystem Spec
Reply

 Microsoft's 2012 kick-off features 7 security bulletins




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
New security features added to Microsoft accounts
Source: New security features added to Microsoft accounts - The Official Microsoft Blog - Site Home - TechNet Blogs See also: How to See Detailed Information about your Microsoft Account Recent Activity How to Set up or Replace your Microsoft Account Recovery Code
News
Microsoft to support same IE9 security, privacy features on phone ....
Microsoft to support same IE9 security, privacy features on phone and desktop | ZDNet
News


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 07:05.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App