Windows News and info 15th Anniversary 2009-2024

Windows 11 | Windows 10 Modifying => Patch Tuesday| Updates | Security | Privacy | Anti-virus => Topic started by: javajolt on March 15, 2017, 03:33:11 PM

Title: Microsoft releases Windows 7 KB4012212 and Monthly Rollup KB4012215
Post by: javajolt on March 15, 2017, 03:33:11 PM

(http://s16.postimg.org/j8f29gr8l/Windows_7_KB4012212_KB4012215.jpg)

Microsoft has recently released two important updates for Windows 7. Security update KB4012212 and Monthly Rollup KBKB4012215 patch a series of severe vulnerabilities that could allow attackers to run remote codes using specially crafted applications and URLs.

As a quick reminder, the Redmond giant didn’t push any Windows 7 updates last month.

To install the latest Windows 7 security fixes and improvements, users can either download and install the security update KB4012212 or the Monthly Rollup KBKB4012215. The difference is that if you choose to install the Monthly Rollup, you’ll also install improvements and fixes from previous monthly rollups.

Windows 7 KB4012212 fixed vulnerabilities:

MS17-022 (http://technet.microsoft.com/library/security/MS17-022?ranMID=24542&ranEAID=hL3Qp0zRBOc&ranSiteID=hL3Qp0zRBOc-66plS3nLyb4mmCZL02uEkA&tduid=(4da89fd93fd601501985e742e5d7af8c)(256380)(2459594)(hL3Qp0zRBOc-66plS3nLyb4mmCZL02uEkA)()) Microsoft XML Core Services: This vulnerability could allow information disclosure if a user visits a malicious website.

MS17-021 (http://technet.microsoft.com/library/security/MS17-021?ranMID=24542&ranEAID=hL3Qp0zRBOc&ranSiteID=hL3Qp0zRBOc-_nzydzlfeIkpz0RwfdsQmQ&tduid=(4da89fd93fd601501985e742e5d7af8c)(256380)(2459594)(hL3Qp0zRBOc-_nzydzlfeIkpz0RwfdsQmQ)()) DirectShow: This vulnerability could allow an information disclosure if Windows DirectShow opens specially crafted media content hosted on a malicious website.

MS17-020 (http://technet.microsoft.com/library/security/MS17-020?ranMID=24542&ranEAID=hL3Qp0zRBOc&ranSiteID=hL3Qp0zRBOc-pUXMzvdjN6lrRfvpRRJOtQ&tduid=(4da89fd93fd601501985e742e5d7af8c)(256380)(2459594)(hL3Qp0zRBOc-pUXMzvdjN6lrRfvpRRJOtQ)()) information disclosure vulnerability in Windows DVD MakerWindows DVD Maker.

MS17-019 (http://technet.microsoft.com/library/security/MS17-019?ranMID=24542&ranEAID=hL3Qp0zRBOc&ranSiteID=hL3Qp0zRBOc-5Gj03k86fRCskmoWyDa.CA&tduid=(4da89fd93fd601501985e742e5d7af8c)(256380)(2459594)(hL3Qp0zRBOc-5Gj03k86fRCskmoWyDa.CA)()) information disclosure vulnerability in Active Directory Federation Services.

MS17-018 (http://technet.microsoft.com/library/security/MS17-018?ranMID=24542&ranEAID=hL3Qp0zRBOc&ranSiteID=hL3Qp0zRBOc-gLSZbAavjfGLM_kqG17nGg&tduid=(4da89fd93fd601501985e742e5d7af8c)(256380)(2459594)(hL3Qp0zRBOc-gLSZbAavjfGLM_kqG17nGg)()) Windows Kernel-Mode Drivers: This vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application. In other words, the attacker could take control of the affected system.

MS17-017 (http://technet.microsoft.com/library/security/MS17-017?ranMID=24542&ranEAID=hL3Qp0zRBOc&ranSiteID=hL3Qp0zRBOc-e03CAcU1aVsgGcTXMyPRkQ&tduid=(4da89fd93fd601501985e742e5d7af8c)(256380)(2459594)(hL3Qp0zRBOc-e03CAcU1aVsgGcTXMyPRkQ)()) elevation of privilege vulnerability in Windows Kernel.

MS17-016 (http://technet.microsoft.com/library/security/MS17-016?ranMID=24542&ranEAID=hL3Qp0zRBOc&ranSiteID=hL3Qp0zRBOc-W.oW5WlRWw_JDfRy.DheRg&tduid=(4da89fd93fd601501985e742e5d7af8c)(256380)(2459594)(hL3Qp0zRBOc-W.oW5WlRWw_JDfRy.DheRg)()) Internet Information Services: This vulnerability could allow elevation of privilege if users clicks a specially crafted URL hosted by an affected Microsoft IIS server. The attacker could potentially execute scripts in the user’s browser to obtain information from web sessions.

MS17-013 (http://technet.microsoft.com/library/security/MS17-013?ranMID=24542&ranEAID=hL3Qp0zRBOc&ranSiteID=hL3Qp0zRBOc-rvK.ff6BArGij3RKNnKm.A&tduid=(4da89fd93fd601501985e742e5d7af8c)(256380)(2459594)(hL3Qp0zRBOc-rvK.ff6BArGij3RKNnKm.A)()) Microsoft Graphics Component vulnerability affecting Microsoft Office, Skype for Business, Microsoft Lync, and Microsoft Silverlight that could allow remote code execution.

MS17-012 (http://technet.microsoft.com/library/security/MS17-012?ranMID=24542&ranEAID=hL3Qp0zRBOc&ranSiteID=hL3Qp0zRBOc-00v9Qrbi07r89AFCCJiG_w&tduid=(4da89fd93fd601501985e742e5d7af8c)(256380)(2459594)(hL3Qp0zRBOc-00v9Qrbi07r89AFCCJiG_w)()) Microsoft Windows remote code execution vulnerability.

MS17-011 (http://technet.microsoft.com/library/security/MS17-011?ranMID=24542&ranEAID=hL3Qp0zRBOc&ranSiteID=hL3Qp0zRBOc-gE9Sr1TuuuOjbscejH7fDA&tduid=(4da89fd93fd601501985e742e5d7af8c)(256380)(2459594)(hL3Qp0zRBOc-gE9Sr1TuuuOjbscejH7fDA)()) remote code execution vulnerability in Microsoft Uniscribe.

MS17-010 (http://technet.microsoft.com/library/security/MS17-010?ranMID=24542&ranEAID=hL3Qp0zRBOc&ranSiteID=hL3Qp0zRBOc-pMaX4_xoCX6zDxhuYwlq_g&tduid=(4da89fd93fd601501985e742e5d7af8c)(256380)(2459594)(hL3Qp0zRBOc-pMaX4_xoCX6zDxhuYwlq_g)()) remote code execution vulnerability in Windows SMB Server.

MS17-008 (http://technet.microsoft.com/library/security/MS17-008?ranMID=24542&ranEAID=hL3Qp0zRBOc&ranSiteID=hL3Qp0zRBOc-oDJwCcuriRsftS1fV5V79A&tduid=(4da89fd93fd601501985e742e5d7af8c)(256380)(2459594)(hL3Qp0zRBOc-oDJwCcuriRsftS1fV5V79A)()) Windows Hyper-V vulnerability that causes the Hyper-V host operating system to execute arbitrary code.

How to install KB4012212 and KBKB4012215

You can download the stand-alone package for these two updates from the Microsoft Update Catalog website (http://www.catalog.update.microsoft.com/Home.aspx). You can also download and install security update KB4012212 through Windows Update.

source:windowsreport