Verint Witness Impact 360 Third Party Certification Report

Impact 360
Third Party Certification Report

Document Revision 1.02
March 2014
1992 2014 Verint Systems Inc. All Rights Reserved Worldwide.

Confidential and Proprietary Information of Verint Systems Inc.
All materials (regardless of form and including, without limitation, software applications,
documentation, and any other information relating to Verint Systems, its products or
services) are the exclusive property of Verint Systems Inc. Only expressly authorized
individuals under obligations of confidentiality are permitted to review materials in this
document. By reviewing these materials, you agree to not disclose these materials to any
third party unless expressly authorized by Verint Systems, and to protect the materials as
confidential and trade secret information. Any unauthorized review, retransmission,
dissemination or other use of these materials is strictly prohibited. If you are not
authorized to review these materials, please return these materials (and any copies) from
where they were obtained. All materials found herein are provided AS IS and without
warranty of any kind.
Verint Systems Inc. does not warrant, guarantee or make any representation regarding
the use or the results of the use of the information, links, tools, and materials in terms of
the accuracy, reliability, quality, validity, stability, completeness, currentness, or
otherwise of its content or products. The entire risk as to the use, results and performance
of information, links, tools and materials provided or referenced herein is assumed by the
user. Verint Systems Inc. shall not be liable for damages resulting from the use, misuse
or unlawful use of the information, links, tools, and materials contained or referenced
herein.
Any third party technology that may be appropriate or necessary for use with the Verint
Product is licensed to you only for use with the Verint Product under the terms of the third
party license agreement specified in the Documentation, the Software or as provided
online at http://verint.com/thirdpartylicense. You may not take any action that would
separate the third party technology from the Verint Product. Unless otherwise permitted
under the terms of the third party license agreement, you agree to only use the third
party technology in conjunction with the Verint Product.
The Verint Systems Inc. products are protected by one or more U.S., European or
International Patents and other U.S. and International Patents and Patents Pending.
All marks referenced herein with the or symbol are registered trademarks or
trademarks of Verint Systems Inc. or its subsidiaries. All rights reserved. All other marks
are trademarks of their respective owners.
Visit our website at www.verint.com/intellectualpropertynotice for updated information on
Verint Intellectual Property.
Document Revision 1.02
Published March 25, 2014 7:46 PM
**NOTICE: April Release will be on April 28th and not April 22nd.
Contents
Introduction ................................................................................................. 4
Scope and Intended Audience ......................................................................... 4
Verints Policy Regarding Updates .................................................................... 4
Updates Recommended .............................................................................. 4
Updates Not Recommended ......................................................................... 5
Non Approved Security Updates ................................................................... 5
Verint Guidance on Security Updates ............................................................... 5
Post-Installation Requirements .................................................................... 6
Security Updates Recommended Microsoft ................................................ 11
Windows Updates Recommended Microsoft ............................................... 87
JRE & Apache Tomcat Updates .................................................................. 7
Apache HTTP Server for Cognos ................................................................. 10
Non Approved Security Updates ................................................................. 10
Introduction
Third Party Certification

Report
This document describes Verints policy and position related to Third Party Certification.
Introduction
This cumulative bulletin contains Microsoft updates & Third-Party updates in accordance
with Verints policy on supporting Microsoft Operating Systems, Service Packs, Security
Bulletins and Security updates.
For information on Verints policy, see Verints Microsoft and Third-Party Support Policy
document.
Scope and Intended Audience

This bulletin is intended for Verint customers and provides support for all Verint products:
NOTE
The Microsoft updates certification is also relevant for all Impact360

versions (11, 10, 7.8, etc.).
All JRE/Apache/Apache HTTP server updates are relevant only
for Impact360 V11 and cannot be installed on legacy versions.
Verints Policy Regarding Updates

This certification report is cumulative and reflects Verints Third-Party certification
policy.
Verints recommendation policy includes the following levels of recommendation:
Updates Recommended
Updates Not Recommended
Non Approved Security Updates
Updates Recommended
Verint provides recommendations for the following Third-Party product updates, which are
used by the Verint products:
Impact 360 Third Party Certification Report

Microsoft Security Updates & Windows Updates
JRE
Apache Tomcat
Apache HTTP Server
Verint Guidance on Security Updates
Updates Not Recommended

Verint does not provide recommendations for the following types of updates:
Microsoft Service Packs that are not part of the Verints supported products
Microsoft Security Updates that are not part of the Verints supported products
It is Verints recommendation that customers DO NOT install these types of updates, but
rather wait for the relevant Microsoft Service Packs that roll up all the non-critical updates.
Should the customer choose to apply any of these updates as per their own IT policy, the
customer must contact Verint Systems Technical Support.

Verint provides instructions not to install specific fixes for the above Third-Party products.
These fixes are not compatible with Verint products or Windows products and must
therefore not be implemented. Once installed on Impact 360 environments, these Updates
were found to be damaging.
Should the customer choose to apply any of these updates as per their own IT policy,
customer must contact Verint Systems Technical Support.

Verint Guidance is provided on the followings requirements and updates:

Post-Installation Requirements
Security Updates Recommended Microsoft
Windows Updates Recommended Microsoft
Apache HTTP Server for Cognos

Post-Installation Requirements
This section presents third party updates, which may cause dis-functionality in Impact 360
systems, and to overcome these issues, certain steps should be taken.
KB2661254 - Verify Certificate Key Length in SSL Enabled Systems

Microsoft released windows update 2661254 which restricts the use of certificates with RSA
keys less than 1024 bits in length (This update has become a windows critical update and is
installed on all servers that use the WSUS server and are configured to have critical updates
installation).
To resolve the issue a new RSA certificate must be created with 1024 bits or higher, and
configured in the system.

JRE & Apache Tomcat Updates

Desktop Policy
Updating desktops is the customers responsibility. However, Verint certifies its desktop
software against the latest available 3rd party software updates on a monthly basis. The
recommended version is the latest version that was certified by Verint. Verint does not
supply the installation package for 3rd party updates on desktops.
Recommended Desktop Version Updates
Version
Published Date
JRE 7 Update 51
December 2013
Important Notice
This client version is supported only if the following is done:
For WFM:
On Application Server: Set non Static JRE Versioning in System Management General
Settings
On Client Browser: (If I360 version is lower than 11.1.1.1929)
Click Run to allow application will run with unrestricted access.. (can be suppressed
to only shown once by checking Do Not show this again for apps from the
publisher)
Add Exception Site list, the AppServer and port number to Java Control Panel
Security tab of each Client machine or via file.
http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/exception_site_list.html
For Data Analytics Instance Builder & Storage Manager Rule Editor:
For V11.1 SP1: Install KB115932
For U10 (all versions): Install U100_8826

After KB installations the following Windows will be shown when trying to open Data
Analytics Instance Builder or Storage manager Rule Editor, make sure you check the I
accept and click Run
Second window will be empty, click Close and you will then be able to open the applications
properly.

Server Policy
Updating desktops is the customers responsibility. However Verint certifies its server
software against the latest available 3rd party software version on a monthly basis. As
opposed to desktops, the software updates used are only the ones supplied by Verint.
Do not use other packages from the 3rd party software vendors.
A tool which automates the updates of the JRE version and the Apache Tomcat can be
downloaded from GURU.
The JRE & Apache version update tool is provided in two formats:
A standalone installation tool.
Included in the HFR kit.
NOTE
The third party update tool is provided on a monthly basis,

effective December 2012.
The update tool will also be included in future V11 kits that are
due to be published effective January 2013.
Latest Certified Updates for Impact360 & KMS Servers

Version
Published Date
JRE 6 Update 71
December 2013
Apache Tomcat 6.0.37
May 2012
Installation Steps for JRE & Apache Tomcat updates on Impact360 Servers:
1. From the Latest Hotfix section in Guru, download the Hotfix Deploy
Tool.zip
NOTE
If you have downloaded the Hotfix Deploy Tool.zip in the past you do not need
to download it again.
2. Unzip the Deploy tool in any computer that has network connection to the
system.
3. Download the JavaUpgrade.exe from one of the following links and click
Open:
a. For Verint Internal user, please use this link
b. For Online users, please use this link

10
This file holds the updated JRE and Tomcat versions as mentioned below.
4. Copy JavaUpgrade.exe to the same folder which the Deploy tool has been
extracted.
5. Double click on the Hotfix Deploy Tool.exe
6. Double click on the JavaUpgrade.exe.
7. Double click on Setup.exe and click Next when prompted, until the task is
completed.
There is an option use the deploy tool to install on multiple servers. For further
instructions please see the Hotfix Deploy Tool User Guide which is located in
the same location where the tool was downloaded from.
Installation Steps for JRE & Apache Tomcat updates on KMS Servers:
For Verint Internal users, please use this link and click Open
For External users, please use this link and click Open
Apache HTTP Server for Cognos

Impact Version
Apache Version
V11.0 SP1 and V11.1 SP0
HTTP Server 2.0.64
Download Link
For Verint Internal user, please use
this link
For External users, please use this link
V11.1 SP1 HFR2 and

higher
HTTP Server 2.2.25
For Verint Internal user, please use

this link
For External users, please use this link

The following Updates are not approved by Verint as they are not compatible with Verint
products or Windows products and must therefore not be implemented.
In addition, these Updates were found to be damaging, if they are installed on Impact 360
environments.
Should the customer choose to apply any of these updates per their own IT policy, customer
must contact Verint Systems Technical Support.
Product
Summary / Version
Severity & Impact
Published Date
N/A
N/A
N/A
N/A

11
Security Updates Recommended Microsoft

Customers are recommended to apply the following Security Updates on Windows 2008
and Windows 2003 systems, which are supported by Microsoft Service Pack releases listed
in the Error! Reference source not found.:
March 2014
Bulletin
ID
MS14-012
Bulletin Title and Executive Summary
Cumulative Security Update for Internet Explorer (2925418)
Maximum Severity
Rating and
Vulnerability
Impact
Critical
Remote Code Execution
This security update resolves one publicly disclosed vulnerability and

seventeen privately reported vulnerabilities in Internet Explorer. These
vulnerabilities could allow remote code execution if a user views a
specially crafted webpage using Internet Explorer. An attacker who
successfully exploited these vulnerabilities could gain the same user
rights as the current user. Users whose accounts are configured to have
fewer user rights on the system could be less impacted than users who
operate with administrative user rights.
MS14-013
Vulnerability in Microsoft DirectShow Could Allow Remote Code
Critical
Execution (2929961)
This security update resolves a privately reported vulnerability in

Microsoft Windows. The vulnerability could allow remote code execution
if a user opens a specially crafted image file. An attacker who
successfully exploited this vulnerability could gain the same user rights
as the current user. Users whose accounts are configured to have fewer
user rights on the system could be less impacted than users who
MS14-015
Vulnerabilities in Windows Kernel-Mode Driver Could Allow
Important
Elevation of Privilege (2930275)
Elevation of Privilege

12
Bulletin
ID
Maximum Severity
Rating and
Vulnerability
Impact
one privately reported vulnerability in Microsoft Windows. The more

severe of these vulnerabilities could allow elevation of privilege if an
attacker logs on to the system and runs a specially crafted application.
An attacker must have valid logon credentials and be able to log on
locally to exploit these vulnerabilities.
MS14-016
Vulnerability in Security Account Manager Remote (SAMR) Protocol
Important
Could Allow Security Feature Bypass (2934418)
Security Feature Bypass
This security update resolves one privately reported vulnerability in

Microsoft Windows. The vulnerability could allow security feature bypass
if an attacker makes multiple attempts to match passwords to a
username.
February 2014
Bulletin
ID
MS14-010
Cumulative Security Update for Internet Explorer (2909921)
Maximum Severity
Rating and
Vulnerability
Impact
Critical

twenty-three privately reported vulnerabilities in Internet Explorer. The
most severe vulnerabilities could allow remote code execution if a user
views a specially crafted webpage using Internet Explorer. An attacker
who successfully exploited the most severe of these vulnerabilities could
gain the same user rights as the current user. Users whose accounts are
configured to have fewer user rights on the system could be less
impacted than users who operate with administrative user rights.
MS14-011
Vulnerability in VBScript Scripting Engine Could Allow Remote
Critical
Code Execution (2928390)

13
Bulletin
ID
Maximum Severity
Rating and
Vulnerability
Impact
This security update resolves a privately reported vulnerability in the

VBScript scripting engine in Microsoft Windows. The vulnerability could
allow remote code execution if a user visited a specially crafted website.
An attacker would have no way to force users to visit the website.
Instead, an attacker would have to convince users to take action,
typically by getting them to click a link in an email message or Instant
Messenger message that takes users to the attacker's website.
MS14-007
Vulnerability in Direct2D Could Allow Remote Code Execution
Critical
(2912390)

Microsoft Windows. The vulnerability could allow remote code execution
if a user views a specially crafted webpage using Internet Explorer. An
attacker would have no way to force users to view specially crafted
content. Instead, an attacker would have to convince users to take
action, typically by getting them to click a link in an email message or in
an Instant Messenger message that takes users to an attacker's website,
or by getting them to open an attachment sent through email.
MS14-008
Vulnerability in Microsoft Forefront Protection for Exchange Could
Critical
Allow Remote Code Execution (2927022)

Microsoft Forefront. The vulnerability could allow remote code
execution if a specially crafted email message is scanned.
MS14-009
Vulnerabilities in .NET Framework Could Allow Elevation of
Important
Privilege (2916607)
This security update resolves two publicly disclosed vulnerabilities and

one privately reported vulnerability in Microsoft .NET Framework. The
most severe vulnerability could allow elevation of privilege if a user visits
a specially crafted website or a website containing specially crafted web
content. In all cases, however, an attacker would have no way to force
users to visit such websites. Instead, an attacker would have to convince
users to visit the compromised website, typically by getting them to click

14
Bulletin
ID
Maximum Severity
Rating and
Vulnerability
Impact
a link in an email message or in an Instant Messenger message that

takes them to the attacker's website.
MS14-005
Vulnerability in Microsoft XML Core Services Could Allow
Important
Information Disclosure (2916036)
Information Disclosure
This security update resolves a publicly disclosed vulnerability in

Microsoft XML Core Services included in Microsoft Windows. The
vulnerability could allow information disclosure if a user views a specially
crafted webpage using Internet Explorer. An attacker would have no way
to force users to view specially crafted content. Instead, an attacker
would have to convince users to take action, typically by getting them to
click a link in an email message or in an Instant Messenger message that
takes users to an attacker's website, or by getting them to open an
attachment sent through email.
MS14-006
Vulnerability in IPv6 Could Allow Denial of Service (2904659)
Important
Denial of Service
This security update resolves a publicly disclosed vulnerability in

Microsoft Windows. The vulnerability could allow denial of service if an
attacker sends a large number of specially crafted IPv6 packets to an
affected system. To exploit the vulnerability, an attacker's system must
belong to the same subnet as the target system.
January 2014
Bulletin
ID
MS14-002
Vulnerability in Windows Kernel Could Allow Elevation

of Privilege (2914368)
Maximum Severity
Rating and
Vulnerability
Impact
Important
This security update resolves a publicly disclosed vulnerability

in Microsoft Windows. The vulnerability could allow elevation of
privilege if an attacker logs on to a system and runs a specially

15
Bulletin
ID
Maximum Severity
Rating and
Vulnerability
Impact
crafted application. An attacker must have valid logon

credentials and be able to log on locally to exploit this
vulnerability.
MS14-003
Vulnerability in Windows Kernel-Mode Drivers Could

Allow Elevation of Privilege (2913602)
Important
This security update resolves a privately reported vulnerability

in Microsoft Windows. The vulnerability could allow elevation of
privilege if a user logs on to a system and runs a specially
vulnerability.
December 2013
Bulletin ID
MS13-096
Vulnerability in Microsoft Graphics Component Could

allow Remote Code Execution (2908005)
Maximum Severity
Rating and
Vulnerability
Impact
Critical
Remote Code
Execution
This security update resolves a publicly disclosed

vulnerability in Microsoft Windows, Microsoft Office, and
Microsoft Lync. The vulnerability could allow remote code
execution if a user views content that contains specially
crafted TIFF files.
MS13-097
Cumulative Security Update for Internet Explorer

(2898785)
Critical
Remote Code
Execution
This security update resolves seven privately reported

vulnerabilities in Internet Explorer. The most severe
vulnerabilities could allow remote code execution if a user
views a specially crafted webpage using Internet Explorer.
An attacker who successfully exploited the most severe of
these vulnerabilities could gain the same user rights as the
current user. Users whose accounts are configured to have

16
Bulletin ID
Maximum Severity
Rating and
Vulnerability
Impact
fewer user rights on the system could be less impacted than

users who operate with administrative user rights.
MS13-098
Vulnerability in Windows Could Allow Remote Code

Execution (2893294)
Critical
Remote Code
Execution
This security update resolves a privately reported

vulnerability in Microsoft Windows. The vulnerability could
allow remote code execution if a user or application runs or
installs a specially crafted, signed portable executable (PE)
file on an affected system.
MS13-099
Vulnerability in Microsoft Scripting Runtime Object

Library Could Allow Remote Code Execution
(2909158)
Critical
Remote Code
Execution

allow remote code execution if an attacker convinces a user
to visit a specially crafted website or a website that hosts
specially crafted content. An attacker who successfully
exploited this vulnerability could gain the same user rights
as the local user. Users whose accounts are configured to
have fewer user rights on the system could be less
impacted than users who operate with administrative user
rights.
MS13-101
Vulnerabilities in Windows Kernel-Mode Drivers Could

Important
This security update resolves five privately reported

vulnerabilities in Microsoft Windows. The more severe of
these vulnerabilities could allow elevation of privilege if an
attacker logs on to a system and runs a specially crafted
application. An attacker must have valid logon credentials
and be able to log on locally to exploit this vulnerability.
MS13-102
Vulnerability in LRPC Client Could Allow Elevation of

Privilege (2898715)
Important

17
Bulletin ID
Maximum Severity
Rating and
Vulnerability
Impact

allow elevation of privilege if an attacker spoofs an LRPC
server and sends a specially crafted LPC port message to
any LRPC client. An attacker who successfully exploited the
vulnerability could then install programs; view, change, or
delete data; or create new accounts with full administrator
rights. An attacker must have valid logon credentials and be
able to log on locally to exploit this vulnerability.
November 2013
Bulletin ID
MS13-088

(2888505)
Maximum Severity
Rating and
Vulnerability
Impact
Critical
Remote Code
Execution
This security update resolves ten privately reported

An attacker who successfully exploited the most severe of
these vulnerabilities could gain the same user rights as the
current user. Users whose accounts are configured to have
fewer user rights on the system could be less impacted than
MS13-089
Vulnerability in Windows Graphics Device Interface

Could Allow Remote Code Execution (2876331)
Critical
Remote Code
Execution

allow remote code execution if a user views or opens a
specially crafted Windows Write file in WordPad. An attacker
who successfully exploited this vulnerability could gain the
same user rights as the current user. Users whose accounts
are configured to have fewer user rights on the system

18
Bulletin ID
Maximum Severity
Rating and
Vulnerability
Impact
could be less impacted than users who operate with

administrative user rights.
MS13-090
Cumulative Security Update of ActiveX Kill Bits

(2900986)
Critical
Remote Code
Execution

vulnerability that is currently being exploited. The
vulnerability exists in the InformationCardSigninHelper
Class ActiveX control. The vulnerability could allow remote
code execution if a user views a specially crafted webpage
with Internet Explorer, instantiating the ActiveX control.
Users whose accounts are configured to have fewer user
rights on the system could be less impacted than users who
MS13-092
Vulnerability in Hyper-V Could Allow Elevation of

Privilege (2893986)
Important

allow elevation of privilege if an attacker passes a specially
crafted function parameter in a hypercall from an existing
running virtual machine to the hypervisor. The vulnerability
could also allow denial of service for the Hyper-V host if the
attacker passes a specially crafted function parameter in a
hypercall from an existing running virtual machine to the
hypervisor.
MS13-093
Vulnerability in Windows Ancillary Function Driver

Could Allow Information Disclosure (2875783)
Important

allow information disclosure if an attacker logs on to an
affected system as a local user, and runs a specially crafted
application on the system that is designed to enable the
attacker to obtain information from a higher-privileged
account. An attacker must have valid logon credentials and

19
Bulletin ID
Maximum Severity
Rating and
Vulnerability
Impact
be able to log on locally to exploit this vulnerability.
MS13-095
Vulnerability in Digital Signatures Could Allow Denial

of Service (2868626)
Important
Denial of Service

allow denial of service when an affected web service
processes a specially crafted X.509 certificate.
October 2013
Bulletin ID
Maximum Severity
Rating and
Vulnerability Impact
MS13-080

(2879017)
Critical
This security update resolves one publicly disclosed

vulnerability and eight privately reported vulnerabilities in
Internet Explorer. The most severe vulnerabilities could
allow remote code execution if a user views a specially
crafted webpage using Internet Explorer. An attacker who
successfully exploited the most severe of these
vulnerabilities could gain the same user rights as the current
user. Users whose accounts are configured to have fewer
user rights on the system could be less impacted than users
who operate with administrative user rights.
MS13-081
Vulnerabilities in Windows Kernel-Mode Drivers Could

Critical

vulnerabilities in Microsoft Windows. The most severe of
these vulnerabilities could allow remote code execution if a
user views shared content that embeds OpenType or
TrueType font files. An attacker who successfully exploited

20
Bulletin ID
Maximum Severity
Rating and
these vulnerabilities could take complete control of an

affected system.
MS13-082
Vulnerabilities in .NET Framework Could Allow

Remote Code Execution (2878890)
Critical
This security update resolves two privately reported

vulnerabilities and one publicly disclosed vulnerability in
Microsoft .NET Framework. The most severe of the
visits a website containing a specially crafted OpenType font
(OTF) file using a browser capable of instantiating XBAP
applications.
MS13-083
Vulnerability in Windows Common Control Library

Critical

allow remote code execution if an attacker sends a specially
crafted web request to an ASP.NET web application running
on an affected system. An attacker could exploit this
vulnerability without authentication to run arbitrary code.
September 2013
Bulletin ID
Maximum Severity Rating

and Vulnerability Impact
MS13-069

(2870699)
Critical
This security update resolves ten privately reported

vulnerabilities could allow remote code execution if a
user views a specially crafted webpage using Internet
Explorer. An attacker who successfully exploited the
most severe of these vulnerabilities could gain the
same user rights as the current user. Users whose

21
Bulletin ID

accounts are configured to have fewer user rights on

the system could be less impacted than users who
MS13-070
Vulnerability in OLE Could Allow Remote Code

Execution (2876217)
Critical

vulnerability in Microsoft Windows. The vulnerability
could allow remote code execution if a user opens a
file that contains a specially crafted OLE object. An
attacker who successfully exploited this vulnerability
could gain the same user rights as the current user.
Users whose accounts are configured to have fewer
user rights on the system could be less impacted than
MS13-071
Vulnerability in Windows Theme File Could Allow

Important

could allow remote code execution if a user applies a
specially crafted Windows theme on their system. In
all cases, a user cannot be forced to open the file or
apply the theme; for an attack to be successful, a user
must be convinced to do so.
MS13-076
Vulnerabilities in Kernel-Mode Drivers Could

Important

vulnerabilities in Microsoft Windows. The vulnerabilities
could allow elevation of privilege if an attacker logs
onto the system and runs a specially crafted
application. An attacker must have valid logon
credentials and be able to log on locally to exploit
these vulnerabilities.
MS13-077
Vulnerability in Windows Service Control
Important

22
Bulletin ID

Manager Could Allow Elevation of Privilege

(2872339)

could allow elevation of privilege if an attacker
convinces an authenticated user to execute a specially
crafted application. To exploit this vulnerability, an
attacker either must have valid logon credentials and
be able to log on locally or must convince a user to run
the attacker's specially crafted application.
MS13-079
Vulnerability in Active Directory Could Allow

Denial of Service (2853587)
Important
Denial of Service

vulnerability in Active Directory. The vulnerability
could allow denial of service if an attacker sends a
specially crafted query to the Lightweight Directory
Access Protocol (LDAP) service.
August 2013
Bulletin ID

MS13-059
Cumulative Security Update for Internet

Explorer (2862772)
Critical
This security update resolves eleven privately

reported vulnerabilities in Internet Explorer. The
most severe vulnerabilities could allow remote code
execution if a user views a specially crafted webpage
using Internet Explorer. An attacker who successfully
exploited the most severe of these vulnerabilities
user rights on the system could be less impacted
than users who operate with administrative user
rights.

23
Bulletin ID

MS13-060
Vulnerability in Unicode Scripts Processor

Critical

vulnerability in the Unicode Scripts Processor
included in Microsoft Windows. The vulnerability
could allow remote code execution if a user viewed a
specially crafted document or webpage with an
application that supports embedded OpenType fonts.
An attacker who successfully exploited this
vulnerability could gain the same user rights as the
current user. Users whose accounts are configured to
impacted than users who operate with administrative
user rights.
MS13-062
Vulnerability in Remote Procedure Call Could

Important

could allow elevation of privilege if an attacker sends
a specially crafted RPC request.
MS13-063
Vulnerabilities in Windows Kernel Could Allow

Important

vulnerability and three privately reported
vulnerabilities in Microsoft Windows. The most
severe vulnerabilities could allow elevation of
privilege if an attacker logged on locally and ran a
specially crafted application. An attacker must have
valid logon credentials and be able to log on locally
to exploit these vulnerabilities. The vulnerabilities
could not be exploited remotely or by anonymous
users.
MS13-064
Vulnerability in Windows NAT Driver Could

Allow Denial of Service (2849568)
Important
Denial of Service

24
Bulletin ID


vulnerability in the Windows NAT Driver in Microsoft
Windows. The vulnerability could allow denial of
service if an attacker sends a specially crafted ICMP
packet to a target server that is running the
Windows NAT Driver service.
MS13-065
Vulnerability in ICMPv6 could allow Denial of

Service (2868623)
Important
Denial of Service

could allow a denial of service if the attacker sends a
specially crafted ICMP packet to the target system.
MS13-066
Vulnerability in Active Directory Federation

Services Could Allow Information Disclosure
(2873872)
Important

vulnerability in Active Directory Federation Services
(AD FS). The vulnerability could reveal information
pertaining to the service account used by AD FS. An
attacker could then attempt logons from outside the
corporate network, which would result in account
lockout of the service account used by AD FS if an
account lockout policy has been configured. This
would result in denial of service for all applications
relying on the AD FS instance.
July 2013
Bulletin ID
MS13-052
Vulnerabilities in .NET Framework and

Silverlight Could Allow Remote Code Execution
(2861561)
Maximum Severity
Rating and
Critical

25
Bulletin ID
Maximum Severity
Rating and

vulnerabilities and two publicly disclosed
vulnerabilities in Microsoft .NET Framework and
Microsoft Silverlight. The most severe of these
trusted application uses a particular pattern of code.
An attacker who successfully exploited this
logged-on user. Users whose accounts are
configured to have fewer user rights on the system
MS13-053
Vulnerabilities in Windows Kernel-Mode Drivers

Critical
This security update resolves two publicly disclosed

and six privately reported vulnerabilities in Microsoft
Windows. The most severe vulnerability could allow
remote code execution if a user views shared content
that embeds TrueType font files. An attacker who
successfully exploited this vulnerability could take
complete control of an affected system.
MS13-054
Vulnerability in GDI+ Could Allow Remote Code

Execution (2848295)
Critical

vulnerability in Microsoft Windows, Microsoft Office,
Microsoft Lync, and Microsoft Visual Studio. The
vulnerability could allow remote code execution if a
user views shared content that embeds TrueType
font files.
MS13-055

Explorer (2846071)
Critical
This security update resolves seventeen privately

reported vulnerabilities in Internet Explorer. The
most severe vulnerabilities could allow remote code

26
Bulletin ID
Maximum Severity
Rating and

user rights on the system could be less impacted
than users who operate with administrative user
rights.
MS13-056
Vulnerability in Microsoft DirectShow Could

Critical

specially crafted image file. An attacker who
successfully exploited this vulnerability could gain
the same user rights as the local user. Users whose
MS13-057
Vulnerability in Windows Media Format

Runtime Could Allow Remote Code Execution
(2847883)
Critical

specially crafted media file. An attacker who
successfully exploited this vulnerability could gain
the same user rights as the local user. Users whose
MS13-058
Vulnerability in Windows Defender Could Allow

Important

vulnerability in Windows Defender for Windows 7 and
Windows Defender when installed on Windows
Server 2008 R2. The vulnerability could allow

27
Bulletin ID
Maximum Severity
Rating and
elevation of privilege due to the pathnames used by

Windows Defender. An attacker who successfully
exploited this vulnerability could execute arbitrary
code and take complete control of an affected
system. The attacker could then install programs;
view, change, or delete data; or create new accounts
with full user rights. An attacker must have valid
logon credentials to exploit this vulnerability. The
vulnerability could not be exploited by anonymous
users.
June 2013
Bulletin ID
Maximum Severity
Rating and
MS13-047

Explorer (2838727)
Critical
This security update resolves nineteen privately

reported vulnerabilities in Internet Explorer. The most
severe vulnerabilities could allow remote code
MS13-048
Vulnerability in Windows Kernel Could Allow

Important
This security update resolves one privately reported

vulnerability in Windows. The vulnerability could allow
information disclosure if an attacker logs on to a
system and runs a specially crafted application or
convinces a local, logged-in user to run a specially

28
Bulletin ID
Maximum Severity
Rating and

vulnerability. Note that this vulnerability would not
allow an attacker to execute code or to elevate their
user rights directly, but it could be used to produce
information that could be used to try to further
compromise an affected system.
MS13-049
Vulnerability in Kernel-Mode Driver Could Allow

Important
Denial of Service

could allow denial of service if an attacker sends
specially crafted packets to the server. Firewall best
practices and standard default firewall configurations
can help protect networks from attacks that originate
outside the enterprise perimeter.
MS13-050
Vulnerability in Windows Print Spooler

Components Could Allow Elevation of Privilege
(2839894)
Important
Elevation of privilege

could allow elevation of privilege when an
authenticated attacker deletes a printer connection.
An attacker must have valid logon credentials and be
able to log on to exploit this vulnerability.
May 2013
Bulletin ID
Maximum Severity
Rating and
MS13-037

Explorer (2829530)
Critical
This security update resolves eleven privately

29
Bulletin ID
Maximum Severity
Rating and

MS13-038
Security Update for Internet Explorer

(2847204)
Critical

vulnerability in Internet Explorer. The vulnerability
could allow remote code execution if a user views a
specially crafted webpage using Internet Explorer. An
MS13-039
Vulnerability in HTTP.sys Could Allow Denial of

Service (2829254)
Important
Denial of Service

specially crafted HTTP packet to an affected Windows
server or client.
MS13-040

Spoofing (2836440)
Important
Spoofing

vulnerability and one publicly disclosed vulnerability in
the .NET Framework. The more severe of the
vulnerabilities could allow spoofing if a .NET
application receives a specially crafted XML file. An

30
Bulletin ID
Maximum Severity
Rating and
attacker who successfully exploited the vulnerabilities

could modify the contents of an XML file without
invalidating the file's signature and could gain access
to endpoint functions as if they were an authenticated
user.
MS13-046

Allow Elevation Of Privilege (2840221)
Important
This security update resolves three privately reported

vulnerabilities in Microsoft Windows. The
vulnerabilities could allow elevation of privilege if an
attacker logs on to the system and runs a specially
April 2013
Bulletin ID
Maximum Severity
Rating and
MS13-028

Explorer (2817183)
Critical

vulnerabilities in Internet Explorer. These
Explorer. An attacker who successfully exploited these
vulnerabilities could gain the same user rights as the
user rights.
MS13-029
Vulnerability in Remote Desktop Client Could
Critical

31
Bulletin ID
Maximum Severity
Rating and

vulnerability in Windows Remote Desktop Client. The
user views a specially crafted webpage. An attacker
who successfully exploited the vulnerability could gain
the same user rights as the current user. Users whose
MS13-031

Important

MS13-032
Vulnerability in Active Directory Could Lead to

Important
Denial of Service

vulnerability in Active Directory. The vulnerability
specially crafted query to the Lightweight Directory
Access Protocol (LDAP) service.
MS13-033
Vulnerability in Windows Client/Server Runtime Subsystem (CSRSS) Could Allow Elevation

of Privilege (2820917)
Important

vulnerability in all supported editions of Windows XP,
Windows Vista, Windows Server 2003, and Windows
Server 2008. The vulnerability could allow elevation of

32
Bulletin ID
Maximum Severity
Rating and
privilege if an attacker logs on to a system and runs a

specially crafted application. An attacker must have
valid logon credentials and be able to log on locally to
exploit this vulnerability.
MS13-036
Vulnerabilities in Kernel-Mode Driver Could

Important

vulnerabilities and one publicly disclosed vulnerability
in Microsoft Windows. The most severe of these
credentials and be able to log on locally to exploit the
most severe vulnerabilities.
March 2013
Bulletin ID
Maximum Severity
Rating and

Explorer (2809289)
MS13-021
This security update resolves eight privately reported

vulnerabilities and one publicly disclosed vulnerability
in Internet Explorer. The most severe vulnerabilities
attacker who successfully exploited these
user rights.
Critical

MS13-027

vulnerabilities in Microsoft Windows. These
Important

33
Bulletin ID
Maximum Severity
Rating and
attacker gains access to a system.
February 2013
Bulletin ID
Maximum Severity
Rating and

Explorer (2792100)
MS13-009
This security update resolves thirteen privately

exploited these vulnerabilities could gain the same
user rights as the current user. Users whose accounts
are configured to have fewer user rights on the
system could be less impacted than users who operate Critical
with administrative user rights.
Vulnerability in Vector Markup Language Could
MS13-010

vulnerability in the Microsoft implementation of Vector
Markup Language (VML). The vulnerability could allow
remote code execution if a user viewed a specially
crafted webpage using Internet Explorer. Users whose
Critical
Vulnerability in Media Decompression Could

MS13-011

specially crafted media file (such as an .mpg file),
opens a Microsoft Office document (such as a .ppt file)
that contains a specially crafted embedded media file,
or receives specially crafted streaming content. An
Critical

34
Bulletin ID
Maximum Severity
Rating and

Vulnerability in OLE Automation Could Allow
MS13-020

vulnerability in Microsoft Windows Object Linking and
Embedding (OLE) Automation. The vulnerability could
allow remote code execution if a user opens a
specially crafted file. An attacker who successfully
exploited the vulnerability could gain the same user
rights as the current user. Users whose accounts are
Critical
Vulnerability in NFS Server Could Allow Denial of

Service (2790978)
MS13-014

could allow denial of service if an attacker attempts a
file operation on a read only share. An attacker who
exploited this vulnerability could cause the affected
system to stop responding and restart. The
vulnerability only affects Windows servers with the
NFS role enabled.
Important
Denial of Service
Vulnerability in .NET Framework Could Allow

MS13-015

vulnerability in the .NET Framework. The vulnerability
could allow elevation of privilege if a user views a
specially crafted webpage using a web browser that
can run XAML Browser Applications (XBAPs). The
vulnerability could also be used by Windows .NET
applications to bypass Code Access Security (CAS)
restrictions. An attacker who successfully exploited
the vulnerability could gain the same user rights as
the current user. Users whose accounts are configured
to have fewer user rights on the system could be less
Important
user rights.

35
Bulletin ID
Maximum Severity
Rating and
MS13-016
Vulnerabilities in Windows Kernel-Mode

Driver Could Allow Elevation of Privilege
(2778344)
This security update resolves 30 privately reported
credentials and be able to log on locally to exploit the
vulnerabilities.
Important
MS13-017

vulnerabilities in all supported releases of Microsoft
Windows. The vulnerabilities could allow elevation of
privilege if an attacker logs on to the system and runs
a specially crafted application. An attacker must have
exploit the vulnerabilities.
Important
MS13-018
Vulnerability in TCP/IP Could Allow Denial of

Service (2790655)
could allow denial of service if an unauthenticated
attacker sends a specially crafted connection
termination packet to the server.
Important
Denial of Service
MS13-019
Vulnerability in Windows Client/Server Run-time

Subsystem (CSRSS) Could Allow Elevation of
Privilege (2790113)
could allow elevation of privilege if an attacker logs on
to a system and runs a specially crafted application.
Important

36
January 2013
Bulletin ID
Maximum Severity
Rating and
Security Update for Internet Explorer

(2799329)
MS13-008

vulnerability in Internet Explorer. The vulnerability
Critical
Vulnerability in Windows Print Spooler

Components Could Allow Remote Code
Execution (2769369)
MS13-001

could allow remote code execution if a print server
received a specially crafted print job. Firewall best
practices and standard default firewall configurations
can help protect networks from attacks that originate
outside the enterprise perimeter. Best practices
recommend that systems connected directly to the
Internet have a minimal number of ports exposed.
Critical
Vulnerabilities in Microsoft XML Core Services

MS13-002
MS13-004

vulnerabilities in Microsoft XML Core Services. The
Explorer. An attacker would have no way to force
users to visit such a website. Instead, an attacker
would have to convince users to visit the website,
typically by getting them to click a link in an email
message or Instant Messenger message that takes the Critical
user to the attacker's website.

Elevation of Privilege(2769324)
Important

37
Bulletin ID
Maximum Severity
Rating and
This security update resolves four privately reported

vulnerabilities in the .NET Framework. The most
severe of these vulnerabilities could allow elevation of
privilege if a user views a specially crafted webpage
using a web browser that can run XAML Browser
Applications (XBAPs). The vulnerabilities could also be
used by Windows .NET applications to bypass Code
Access Security (CAS) restrictions. An attacker who
successfully exploited these vulnerabilities could gain
the same user rights as the logged-on user. Users
whose accounts are configured to have fewer user
rights on the system could be less impacted than
Vulnerability in Windows Kernel-Mode Driver
Could Allow Elevation of Privilege (2778930)
MS13-005

could allow elevation of privilege if an attacker runs a
specially crafted application.
Important
Vulnerability in Microsoft Windows Could Allow

Security Feature Bypass (2785220)
MS13-006

vulnerability in the implementation of SSL and TLS in
Microsoft Windows. The vulnerability could allow
security feature bypass if an attacker intercepts
encrypted web traffic handshakes.
Important
Vulnerability in Open Data Protocol Could Allow

Denial of Service(2769327)
MS13-007

vulnerability in the Open Data (OData) protocol. The
vulnerability could allow denial of service if an
unauthenticated attacker sends specially crafted HTTP
requests to an affected site. Firewall best practices
and standard default firewall configurations can help
protect networks from attacks that originate outside
the enterprise perimeter. Best practices recommend
that systems that are connected to the Internet have
a minimal number of ports exposed.
Important
Denial of Service

38
December 2012
Bulletin ID
Maximum Severity
Rating and

Explorer (2761465)
MS12-077

Explorer. An attacker who successfully exploited these
user rights.
Critical

Could Allow Remote Code Execution
(2783534)
MS12-078

vulnerability and one privately reported vulnerability
in Microsoft Windows. The more severe of these
user opens a specially crafted document or visits a
malicious webpage that embeds TrueType or
OpenType font files. An attacker would have to
convince users to visit the website, typically by getting
them to click a link in an email message that takes
Critical
them to the attacker's website.
Vulnerability in Windows File Handling
Component Could Allow Remote Code Execution
(2758857)
MS12-081

could allow remote code execution if a user browses
to a folder that contains a file or subfolder with a
specially crafted name. An attacker who successfully
exploited this vulnerability could gain the same user
Critical

39
Bulletin ID
Maximum Severity
Rating and
Vulnerability in DirectPlay Could Allow Remote

MS12-082

could allow remote code execution if an attacker
convinces a user to view a specially crafted Office
document with embedded content. An attacker who
successfully exploits this vulnerability could gain the
Important
Vulnerability in IP-HTTPS Component Could

Allow Security Feature Bypass (2765809)
MS12-083

could allow security feature bypass if an attacker
presents a revoked certificate to an IP-HTTPS server
commonly used in Microsoft DirectAccess
deployments. To exploit the vulnerability, an attacker
must use a certificate issued from the domain for IPHTTPS server authentication. Logging on to a system
inside the organization would still require system or
domain credentials.
Important
November 2012
Bulletin ID
Maximum Severity
Rating and

Explorer (2761451)
MS12-071

vulnerabilities in Internet Explorer. The vulnerabilities
attacker who successfully exploited these
Critical

40
Bulletin ID
Maximum Severity
Rating and
user rights.
Vulnerabilities in Windows Shell Could Allow
MS12-072

user browses to a specially crafted briefcase in
Windows Explorer. An attacker who successfully
exploited this vulnerability could run arbitrary code as
the current user. If the current user is logged on with
administrative user rights, an attacker could take
complete control of the affected system. An attacker
could then install programs; view, change, or delete
data; or create new accounts with full user rights.
Critical

MS12-074

vulnerabilities in the .NET Framework. The most
severe of these vulnerabilities could allow remote code
execution if an attacker convinces the user of a target
system to use a malicious proxy auto configuration file
and then injects code into the currently running
Critical
application.
MS12-075
MS12-073

vulnerabilities in Microsoft Windows. The most severe
of these vulnerabilities could allow remote code
execution if a user opens a specially crafted document
or visits a malicious webpage that embeds TrueType
font files. An attacker would have to convince users to
visit the website, typically by getting them to click a
link in an email message that takes them to the
attacker's website.
Critical
Vulnerabilities in Microsoft Internet Information

Services (IIS) Could Allow Information
Moderate

41
Bulletin ID

Disclosure (2733829)
Maximum Severity
Rating and

vulnerability and one privately reported vulnerability
in Microsoft Internet Information Services (IIS). The
more severe vulnerability could allow information
disclosure if an attacker sends specially crafted FTP
commands to the server.
October 2012
Bulletin ID
MS12-068

Maximum Severity
Rating and
Important

vulnerability in all supported releases of Microsoft
Windows except Windows 8 and Windows Server
2012. This security update is rated Important for all
supported editions of Windows XP, Windows Server
2003, Windows Vista, Windows Server 2008, Windows
7, and Windows Server 2008 R2.
The vulnerability could allow elevation of privilege if
an attacker logs on to the system and runs a specially
vulnerability.
MS12-069
Vulnerability in Kerberos Could Allow Denial of

Service (2743555)
Important
Denial of Service

could allow denial of service if a remote attacker
sends a specially crafted session request to the
Kerberos server. Firewall best practices and standard
default firewall configurations can help protect
networks from attacks that originate outside the

42
Bulletin ID
Maximum Severity
Rating and
enterprise perimeter. Best practices recommend that

systems that are connected to the Internet have a
minimal number of ports exposed.
MS12-070
Vulnerability in SQL Server Could Allow

Important

vulnerability in Microsoft SQL Server on systems
running SQL Server Reporting Services (SSRS). The
vulnerability is a cross-site-scripting (XSS)
vulnerability that could allow elevation of privilege,
enabling an attacker to execute arbitrary commands
on the SSRS site in the context of the targeted user.
An attacker could exploit this vulnerability by sending
a specially crafted link to the user and convincing the
user to click the link. An attacker could also host a
website that contains a webpage designed to exploit
the vulnerability. In addition, compromised websites
and websites that accept or host user-provided
content or advertisements could contain specially
crafted content that could exploit this vulnerability.
September 2012
Bulletin ID
MS12-061
Vulnerability in Visual Studio Team Foundation

Server Could Allow Elevation of Privilege
(2719584)
Maximum Severity
Rating and
Important

vulnerability in Visual Studio Team Foundation Server.
The vulnerability could allow elevation of privilege if a
user clicks a specially crafted link in an email message
or browses to a webpage that is used to exploit the
vulnerability. In all cases, however, an attacker would
have no way to force users to perform these actions.
Instead, an attacker would have to convince users to

43
Bulletin ID
Maximum Severity
Rating and
visit a website, typically by getting them to click a link

in an email message or Instant Messenger message
that takes them to the attacker's website.
MS12-063

Explorer (2744842)
Critical

and four privately reported vulnerabilities in Internet
Explorer. The most severe vulnerabilities could allow
remote code execution if a user views a specially
crafted webpage using Internet Explorer. An attacker
who successfully exploited any of these vulnerabilities
August 2012
Bulletin ID
MS12-052

Critical
Explorer (2722913)

Explorer. An attacker who successfully exploited any
of these vulnerabilities could gain the same user

44
Bulletin ID
MS12-054

Vulnerabilities in Windows Networking
Critical
Execution (2733594)
vulnerabilities in Microsoft Windows. The most severe
of these vulnerabilities could allow remote code
execution if an attacker sends a specially crafted
response to a Windows print spooler request. Firewall
best practices and standard default firewall
configurations can help protect networks from attacks
that originate outside the enterprise perimeter. Best
practices recommend that systems connected directly
to the Internet have a minimal number of ports
exposed.
MS12-060
Vulnerability in Windows Common Controls
Critical

vulnerability in Windows common controls. The
user visits a website containing specially crafted
content designed to exploit the vulnerability. In all
cases, however, an attacker would have no way to
force users to visit such a website. Instead, an
attacker would have to convince users to visit the
website, typically by getting them to click a link in an
email message or Instant Messenger message that
takes them to the attacker's website. The malicious
file could be sent as an email attachment as well, but
the attacker would have to convince the user to open
the attachment in order to exploit the vulnerability.
MS12-055
Vulnerability in Windows Kernel-Mode Drivers
Important

45
Bulletin ID


to the system and runs a specially crafted application.
MS12-056
Vulnerability in JScript and VBScript Engines
Important

vulnerability in the JScript and VBScript scripting
engines on 64-bit versions of Microsoft Windows. The
user visited a specially crafted website. An attacker
would have no way to force users to visit the website.
Instead, an attacker would have to convince users to
visit the website, typically by getting them to click a
link in an email message or Instant Messenger
message that takes users to the attacker's website.
July 2012
Bulletin ID
MS12-043

Vulnerability in Microsoft XML Core Services
Critical

vulnerability in Microsoft XML Core Services. The
vulnerability could allow remote code execution, if a
Explorer. An attacker would have no way to force
users to visit such a website. Instead, an attacker
would have to convince users to visit the website,
typically by getting them to click a link in an email
message or Instant Messenger message that takes
the user to the attacker's website.

46
Bulletin ID
MS12-044

Critical
Explorer (2719177)

vulnerabilities in Internet Explorer. The vulnerabilities
attacker who successfully exploited any of these
user rights.
MS12-045
Vulnerability in Microsoft Data Access
Critical
Execution (2698365)
specially crafted webpage. An attacker who
successfully exploited this vulnerability could gain the
MS12-047
Important

and one privately reported vulnerability in Microsoft
Windows. The vulnerabilities could allow elevation of
privilege if an attacker logs on to the system and runs
a specially crafted application. An attacker must have

47
Bulletin ID

exploit this vulnerability.
MS12-048
Vulnerability in Windows Shell Could Allow
Important

file or directory with a specially crafted name. An
MS12-049
Vulnerability in TLS Could Allow Information
Important

vulnerability in TLS. The vulnerability could allow
information disclosure if an attacker intercepts
encrypted web traffic served from an affected system.
All cipher suites that do not use CBC mode are not
affected.
June 2012
Bulletin ID
MS12-036

Vulnerability in Remote Desktop Could Allow
Critical

vulnerability in the Remote Desktop Protocol. The
vulnerability could allow remote code execution if an
attacker sends a sequence of specially crafted RDP

48
Bulletin ID

packets to an affected system. By default, the Remote

Desktop Protocol (RDP) is not enabled on any
Windows operating system. Systems that do not have
RDP enabled are not at risk.
MS12-037
Critical
Explorer (2699988)

and twelve privately reported vulnerabilities in
Internet Explorer. The most severe vulnerabilities
attacker who successfully exploited any of these
user rights.
MS12-038
Vulnerability in .NET Framework Could Allow
Critical

vulnerability in Microsoft .NET Framework. The
vulnerability could allow remote code execution on a
client system if a user views a specially crafted
webpage using a web browser that can run XAML
Browser Applications (XBAPs). Users whose accounts
system could be less impacted than users who
operate with administrative user rights. The
restrictions. In a web browsing attack scenario, an
attacker could host a website that contains a webpage
that is used to exploit this vulnerability. In addition,
compromised websites and websites that accept or

49
Bulletin ID

host user-provided content or advertisements could

contain specially crafted content that could exploit
this vulnerability. In all cases, however, an attacker
would have no way to force users to visit these
websites. Instead, an attacker would have to convince
users to visit the website, typically by getting them to
click a link in an email message or Instant Messenger
message that takes users to the attacker's website.
MS12-041
Important

attacker logs on to a system and runs a specially
credentials and be able to log on locally to exploit any
of these vulnerabilities.
MS12-042
Important

Microsoft Windows. The vulnerabilities could allow
elevation of privilege if an attacker logs on to an
affected system and runs a specially crafted
application that exploits the vulnerability. An attacker
must have valid logon credentials and be able to log
on locally to exploit this vulnerability. The
vulnerability could not be exploited remotely or by
anonymous users.
May 2012

50
Bulletin ID

Combined Security Update for Microsoft Office,

Windows, .NET Framework, and Silverlight
(2681578)
MS12-034
This security update resolves three publicly disclosed

vulnerabilities and seven privately reported
vulnerabilities in Microsoft Office, Microsoft Windows,
the Microsoft .NET Framework, and Microsoft
Silverlight. The most severe of these vulnerabilities
specially crafted document or visits a malicious
webpage that embeds TrueType font files. An attacker
would have no way to force users to visit a malicious
website. Instead, an attacker would have to convince
message that takes them to the attacker's website.
Critical

MS12-035

vulnerabilities in the .NET Framework. The
vulnerabilities could allow remote code execution on a
client system if a user views a specially crafted
webpage using a web browser that can run XAML
Browser Applications (XBAPs). Users whose accounts
system could be less impacted than users who operate Critical
Vulnerability in TCP/IP Could Allow Elevation of
Privilege (2688338)
MS12-032
MS12-033

and one publicly disclosed vulnerability in Microsoft
Windows. The more severe of these vulnerabilities
Vulnerability in Windows Partition Manager
Important
Important

51
Bulletin ID


April 2012
Bulletin ID
MS12-023
Maximum Severity
Rating and
Vulnerability
Impact
Critical
(2675157)
Remote Code
Execution

An attacker who successfully exploited any of these
rights.
MS12-024
Vulnerability in Windows Could Allow Remote Code
Critical
Execution (2653956)
Remote Code
Execution

allow remote code execution if a user or application runs
or installs a specially crafted, signed portable executable
(PE) file on an affected system.
MS12-025
Vulnerability in .NET Framework Could Allow Remote
Critical
Remote Code
Execution

52
vulnerability in Microsoft .NET Framework. The

vulnerability could allow remote code execution on a client
system if a user views a specially crafted webpage using a
web browser that can run XAML Browser Applications
(XBAPs). Users whose accounts are configured to have
fewer user rights on the system could be less impacted
than users who operate with administrative user rights.
The vulnerability could also allow remote code execution
on a server system running IIS, if that server allows
processing ASP.NET pages and an attacker succeeds in
uploading a specially crafted ASP.NET page to that server
and then executes the page, as could be the case in a web
hosting scenario. This vulnerability could also be used by
Windows .NET applications to bypass Code Access Security
(CAS) restrictions. In a web browsing attack scenario, an
attacker could host a website that contains a webpage that
is used to exploit this vulnerability. In addition,
compromised websites and websites that accept or host
user-provided content or advertisements could contain
specially crafted content that could exploit this
vulnerability. In all cases, however, an attacker would
have no way to force users to visit these websites.
Instead, an attacker would have to convince users to visit
the website, typically by getting them to click a link in an
email message or Instant Messenger message that takes
users to the attacker's website.
MS12-027
Vulnerability in Windows Common Controls Could
Critical
Remote Code
Execution
This security update resolves a privately disclosed

vulnerability in Windows common controls. The
vulnerability could allow remote code execution if a user
visits a website containing specially crafted content
designed to exploit the vulnerability. In all cases, however,
an attacker would have no way to force users to visit such
a website. Instead, an attacker would have to convince
users to visit the website, typically by getting them to click
a link in an email message or Instant Messenger message
that takes them to the attacker's website. The malicious
file could be sent as an email attachment as well, but the
attacker would have to convince the user to open the

53
attachment in order to exploit the vulnerability.
March 2012
Bulletin ID
MS12-020
Maximum Severity
Rating and
Vulnerability
Impact
Vulnerabilities in Remote Desktop Could Allow
Critical
Remote Code
Execution

vulnerabilities in the Remote Desktop Protocol. The more
severe of these vulnerabilities could allow remote code
execution if an attacker sends a sequence of specially
crafted RDP packets to an affected system. By default, the
Remote Desktop Protocol (RDP) is not enabled on any
Windows operating system. Systems that do not have
RDP enabled are not at risk.
MS12-017
Vulnerability in DNS Server Could Allow Denial of
Important
Service (2647170)
Denial of Service

allow denial of service if a remote unauthenticated
attacker sends a specially crafted DNS query to the target
DNS server.
MS12-018
Important
Elevation

allow elevation of privilege if an attacker logs on to a
system and runs a specially crafted application. An
attacker must have valid logon credentials and be able to
log on locally to exploit this vulnerability.
MS12-019
Vulnerability in DirectWrite Could Allow Denial of
Moderate
Service (2665364)
Denial of

54

vulnerability in Windows DirectWrite. In an Instant
Messager-based attack scenario, the vulnerability could
allow denial of service if an attacker sends a specially
crafted sequence of Unicode characters directly to an
Instant Messenger client. The target application could
become unresponsive when DirectWrite renders the
specially crafted sequence of Unicode characters.
February 2012
Bulletin ID
MS12-008
Maximum Severity
Rating and
Vulnerability
Impact
Critical
Remote Code
Execution

vulnerability and a publicly disclosed vulnerability in
Microsoft Windows. The more severe of these
visits a website containing specially crafted content or if a
specially crafted application is run locally. An attacker
would have no way to force users to visit a malicious
website. Instead, an attacker would have to convince
message that takes them to the attacker's website.
MS12-010
Critical
(2647516)
Remote Code
Execution

views a specially crafted web page using Internet
Explorer. An attacker who successfully exploited any of
these vulnerabilities could gain the same user rights as
the logged-on user. Users whose accounts are configured
to have fewer user rights on the system could be less

55
rights.
MS12-013
Vulnerability in C Run-Time Library Could Allow
Critical
Remote Code
Execution

allow remote code execution if a user opens a specially
crafted media file that is hosted on a website or sent as
an email attachment. An attacker who successfully
exploited the vulnerability could gain the same user rights
rights.
MS12-016
Vulnerabilities in .NET Framework and Microsoft
Critical
Remote Code
(2651026)
Execution

vulnerability and one privately reported vulnerability in
Microsoft .NET Framework and Microsoft Silverlight. The
vulnerabilities could allow remote code execution on a
client system if a user views a specially crafted web page
using a web browser that can run XAML Browser
Applications (XBAPs) or Silverlight applications. Users
whose accounts are configured to have fewer user rights
on the system could be less impacted than users who
MS12-009
Vulnerabilities in Ancillary Function Driver Could
Important

could allow elevation of privilege if an attacker logs on to
a user's system and runs a specially crafted application.
An attacker must have valid logon credentials and be able
to log on locally to exploit the vulnerabilities.

56
MS12-012
Vulnerability in Color Control Panel Could Allow
Important
Remote Code
Execution

allow remote code execution if a user opens a legitimate
file (such as an .icm or .icc file) that is located in the
same directory as a specially crafted dynamic link library
(DLL) file. An attacker who successfully exploited this
logged-on user. Users whose accounts are configured to
rights.
January 2012
Bulletin ID
MS12-004
Severity & Impact
Vulnerabilities in Windows Media Could Allow
Critical
Remote Code
Execution

specially crafted media file. An attacker who successfully
exploited the vulnerabilities could gain the same user
rights as the local user. Users whose accounts are
configured to have fewer user rights on the system could
be less impacted than users who operate with
MS12-001
Vulnerability in Windows Kernel Could Allow Security
Important
Feature Bypass (2644615)
Security Feature
Bypass

allow an attacker to bypass the SafeSEH security feature in
a software application. An attacker could then use other
vulnerabilities to leverage the structured exception handler

57
Bulletin ID
Severity & Impact
to run arbitrary code. Only software applications that were

compiled using Microsoft Visual C++ .NET 2003 can be
used to exploit this vulnerability.
MS12-002
Vulnerability in Windows Object Packager Could
Important
Remote Code
Execution

file with an embedded packaged object that is located in
the same network directory as a specially crafted
executable file. An attacker who successfully exploited this
logged-on user. An attacker could then install programs;
view, change, or delete data; or create new accounts with
full user rights. Users whose accounts are configured to
rights.
MS12-003
Important
Subsystem Could Allow Elevation of Privilege
(2646524)
vulnerability in Microsoft Windows. This security update is
rated Important for all supported editions of Windows XP,
Windows Server 2003, Windows Vista, and Windows
Server 2008. All supported editions of Windows 7 and
Windows Server 2008 R2 are not affected by this
vulnerability.
The vulnerability could allow elevation of privilege if an
attacker logs on to an affected system and runs a specially
crafted application. The attacker could then take complete
control of the affected system and install programs; view,
change, or delete data; or create new accounts with full
user rights. This vulnerability can only be exploited on

58
Bulletin ID
Severity & Impact
systems configured with a Chinese, Japanese, or Korean

system locale.
MS12-005
Vulnerability in Microsoft Windows Could Allow
Important
Remote Code
Execution

crafted Microsoft Office file containing a malicious
embedded ClickOnce application. An attacker who
successfully exploited this vulnerability could gain the
same user rights as the local user. Users whose accounts
MS12-006
Vulnerability in SSL/TLS Could Allow Information
Important

vulnerability in SSL 3.0 and TLS 1.0. This vulnerability
affects the protocol itself and is not specific to the
Windows operating system. The vulnerability could allow
information disclosure if an attacker intercepts encrypted
web traffic served from an affected system. TLS 1.1, TLS
1.2, and all cipher suites that do not use CBC mode are
not affected.
December 2011
Bulletin ID
MS11-087
Severity & Impact
Critical
Remote Code
Execution

59
Bulletin ID
Severity & Impact

crafted document or visits a malicious Web page that
embeds TrueType font files.
MS11-090
Critical
(2618451)
Remote Code
Execution

vulnerability in Microsoft software. The vulnerability could
crafted Web page that uses a specific binary behavior in
Internet Explorer. Users whose accounts are configured to
rights. This update also includes kill bits for four thirdparty ActiveX controls.
MS11-092
Vulnerability in Windows Media Could Allow Remote
Critical
Remote Code
Execution

vulnerability in Windows Media Player and Windows Media
Center. The vulnerability could allow remote code
execution if a user opens a specially crafted Microsoft
Digital Video Recording (.dvr-ms) file. In all cases, a user
cannot be forced to open the file; for an attack to be
successful, a user must be convinced to do so.
MS11-093
Vulnerability in OLE Could Allow Remote Code
Important
Execution (2624667)
Remote Code
Execution

vulnerability in all supported editions of Windows XP and
Windows Server 2003. This security update is rated
Important for all supported editions of Windows XP and
Windows Server 2003. Windows Vista, Windows Server
2008, Windows 7, and Windows Server 2008 R2 are not

60
Bulletin ID
Severity & Impact
affected by the vulnerability.

The vulnerability could allow remote code execution if a
user opens a file that contains a specially crafted OLE
object. An attacker who successfully exploited this
vulnerability could gain the same user rights as the local
MS11-095
Vulnerability in Active Directory Could Allow Remote
Important
Remote Code
Execution

vulnerability in Active Directory, Active Directory
Application Mode (ADAM), and Active Directory Lightweight
Directory Service (AD LDS). The vulnerability could allow
remote code execution if an attacker logs on to an Active
Directory domain and runs a specially crafted application.
To exploit this vulnerability, an attacker would first need to
acquire credentials to log on to an Active Directory
domain.
MS11-097
Important
(2620712)
allow elevation of privilege if an attacker logs on to an
affected system and runs a specially crafted application
designed to send a device event message to a higherintegrity process. An attacker must have valid logon
vulnerability.
MS11-098
Important

61
Bulletin ID
Severity & Impact


designed to exploit the vulnerability. An attacker must
have valid logon credentials and be able to log on locally to
exploit this vulnerability. The vulnerability could not be
exploited remotely or by anonymous users.
MS11-099
Important
(2618444)
Remote Code
Execution

opens a legitimate HyperText Markup Language (HTML) file
that is located in the same directory as a specially crafted
dynamic link library (DLL) file.
MS11-100
Critical

vulnerability and three privately reported vulnerabilities in
Microsoft .NET Framework. The most severe of these
unauthenticated attacker sends a specially crafted web
request to the target site. An attacker who successfully
exploited this vulnerability could take any action in the
context of an existing account on the ASP.NET site,
including executing arbitrary commands. In order to
exploit this vulnerability, an attacker must be able to
register an account on the ASP.NET site, and must know
an existing user name.
November 2011

62
Bulletin ID
Severity & Impact
MS11-083
Vulnerability in TCP/IP Could Allow Remote Code
Critical
Execution (2588516)
Remote Code
Execution

allow remote code execution if an attacker sends a
continuous flow of specially crafted UDP packets to a
closed port on a target system.
MS11-085
Vulnerability in Windows Mail and Windows Meeting
Important
Space Could Allow Remote Code Execution
Remote Code
(2620704)
Execution

file (such as an .eml or .wcinv file) that is located in the
same network directory as a specially crafted dynamic link
library (DLL) file. Then, while opening the legitimate file,
Windows Mail or Windows Meeting Space could attempt to
load the DLL file and execute any code it contained. For an
attack to be successful, a user must visit an untrusted
remote file system location or WebDAV share and open a
legitimate file (such as an .eml or .wcinv file) from this
location that is then loaded by a vulnerable application.

63
Bulletin ID
Severity & Impact
MS11-086
Vulnerability in Active Directory Could Allow
Important

vulnerability in Active Directory, Active Directory
Application Mode (ADAM), and Active Directory Lightweight
Directory Service (AD LDS). The vulnerability could allow
elevation of privilege if Active Directory is configured to
use LDAP over SSL (LDAPS) and an attacker acquires a
revoked certificate that is associated with a valid domain
account and then uses that revoked certificate to
authenticate to the Active Directory domain. By default,
Active Directory is not configured to use LDAP over SSL.
MS11-084
Moderate
Allow Denial of Service (2617657)
Denial of Service

allow denial of service if a user opens a specially crafted
TrueType font file as an e-mail attachment or navigates to
a network share or WebDAV location containing a specially
crafted TrueType font file. For an attack to be successful, a
user must visit the untrusted remote file system location
or WebDAV share containing the specially crafted TrueType
font file, or open the file as an e-mail attachment. In all
cases, however, an attacker would have no way to force
users to perform these actions. Instead, an attacker would
have to persuade users to do so, typically by getting them
to click a link in an e-mail message or Instant Messenger
message.
October 2011

64
Bulletin ID
Summary
Severity & Impact
MS11-078
Vulnerability in .NET Framework and Microsoft
Critical
Remote Code
(2604930)
Execution

vulnerability in Microsoft .NET Framework and Microsoft
Silverlight. The vulnerability could allow remote code
execution on a client system if a user views a specially
crafted Web page using a Web browser that can run XAML
Browser Applications (XBAPs) or Silverlight applications.
rights on the system could be less impacted than users
who operate with administrative user rights. The
vulnerability could also allow remote code execution on a
server system running IIS, if that server allows processing
ASP.NET pages and an attacker succeeds in uploading a
specially crafted ASP.NET page to that server and then
executes the page, as could be the case in a Web hosting
scenario. This vulnerability could also be used by Windows
.NET applications to bypass Code Access Security (CAS)
restrictions.
MS11-081
Critical
(2586448)
Remote Code
Execution
This security update resolves eight privately reported

views a specially crafted Web page using Internet Explorer.
vulnerabilities could gain the same user rights as the local
MS11-075
Vulnerability in Microsoft Active Accessibility Could
Important
Remote Code
Execution

65
Bulletin ID
Summary
Severity & Impact

vulnerability in the Microsoft Active Accessibility
component. The vulnerability could allow remote code
execution if an attacker convinces a user to open a
legitimate file that is located in the same network directory
as a specially crafted dynamic link library (DLL) file. Then,
while opening the legitimate file, the Microsoft Active
Accessibility component could attempt to load the DLL file
and execute any code it contained. For an attack to be
successful, a user must visit an untrusted remote file
system location or WebDAV share and open a document
from this location that is then loaded by a vulnerable
application.
MS11-076
Vulnerability in Windows Media Center Could Allow
Important
Remote Code
Execution

vulnerability in Windows Media Center. The vulnerability
could allow remote code execution if an attacker convinces
a user to open a legitimate file that is located in the same
network directory as a specially crafted dynamic link
library (DLL) file. Then, while opening the legitimate file,
Windows Media Center could attempt to load the DLL file
and execute any code it contained. For an attack to be
successful, a user must visit an untrusted remote file
system location or WebDAV share and open a legitimate
file.
MS11-077
Important
Remote Code
Execution

these vulnerabilities could allow remote code execution if a
user opens a specially crafted font file (such as a .fon file)
in a network share, a UNC or WebDAV location, or an email attachment. For a remote attack to be successful, a
user must visit an untrusted remote file system location or

66
Bulletin ID
Summary
Severity & Impact
WebDAV share and open the specially crafted font file, or

open the file as an e-mail attachment.
MS11-080
Vulnerability in Ancillary Function Driver Could Allow
Important

vulnerability in the Microsoft Windows Ancillary Function
Driver (AFD). The vulnerability could allow elevation of
privilege if an attacker logs on to a user's system and runs
a specially crafted application. An attacker must have valid
logon credentials and be able to log on locally to exploit
the vulnerability.
September 2011
Bulletin ID
Summary
Severity & Impact
MS11-070
Vulnerability in WINS Could Allow Elevation of
Important
Privilege (2571621)

vulnerability in the Windows Internet Name Service
(WINS). The vulnerability could allow elevation of privilege
if a user received a specially crafted WINS replication
packet on an affected system running the WINS service.
An attacker must have valid logon credentials and be able
to log on locally to exploit this vulnerability.
MS11-071
Vulnerability in Windows Components Could Allow
Important
Remote Code
Execution

rich text format file (.rtf), text file (.txt), or Word
document (.doc) that is located in the same network

67
Bulletin ID
Summary
Severity & Impact
directory as a specially crafted dynamic link library (DLL)

file. An attacker who successfully exploited this
vulnerability could gain the same user rights as the local
August 2011
Bulletin ID
MS11-057
Summary
Severity & Impact
Critical
(2559049)

vulnerabilities and two publicly disclosed vulnerabilities in
Internet Explorer. The most severe vulnerabilities could
crafted Web page using Internet Explorer. An attacker who
successfully exploited any of these vulnerabilities could
gain the same user rights as the local user. Users whose
accounts are configured to have fewer user rights on the
system could be less impacted than users who operate with
MS11-058
Vulnerabilities in DNS Server Could Allow Remote
Critical

vulnerabilities in Windows DNS server. The more severe of
these vulnerabilities could allow remote code execution if
an attacker registers a domain, creates an NAPTR DNS
resource record, and then sends a specially crafted NAPTR
query to the target DNS server. Servers that do not have
the DNS role enabled are not at risk.
MS11-059
Vulnerability in Data Access Components Could Allow
Important

68
Bulletin ID
Summary
Severity & Impact

Excel file (such as a .xlsx file) that is located in the same
network directory as a specially crafted library file. An
attacker who successfully exploited this vulnerability could
gain the same user rights as the logged-on user. Users
whose accounts are configured to have fewer user rights on
the system could be less impacted than users who operate
MS11-061
Vulnerability in Remote Desktop Web Access Could
Important

vulnerability in Remote Desktop Web Access. The
vulnerability is a cross-site scripting (XSS) vulnerability
that could allow elevation of privilege, enabling an attacker
to execute arbitrary commands on the site in the context of
the target user. The XSS Filter in Internet Explorer 8 and
Internet Explorer 9 prevents this attack for its users when
browsing to a Remote Desktop Web Access server in the
Internet Zone. The XSS Filter in Internet Explorer 8 and
Internet Explorer 9 is not enabled by default in the Intranet
Zone.
MS11-062
Vulnerability in Remote Access Service NDISTAPI
Important
Driver Could Allow Elevation of Privilege (2566454)

vulnerability in all supported editions of Windows XP and
Windows Server 2003. This security update is rated
Important for all supported editions of Windows XP and
Windows Server 2003. Windows Vista, Windows Server
2008, Windows 7, and Windows Server 2008 R2 are not
attacker logs on to an affected system and runs a specially
crafted application designed to exploit the vulnerability and
take complete control over the affected system. An
attacker must have valid logon credentials and be able to

69
Bulletin ID
Summary
Severity & Impact
log on locally to exploit this vulnerability.

MS11-063
Important
(2567680)
designed to send a device event message to a higherintegrity process. An attacker must have valid logon
vulnerability.
MS11-064
Vulnerabilities in TCP/IP Stack Could Allow Denial of
Important
Service (2563894)
Denial of Service

sequence of specially crafted Internet Control Message
Protocol (ICMP) messages to a target system or sends a
specially crafted URL request to a server that is serving
Web content and has the URL-based Quality of Service
(QoS) feature enabled.
MS11-065
Vulnerability in Remote Desktop Protocol Could Allow Important

Denial of Service

vulnerability in the Remote Desktop Protocol. The
vulnerability could allow denial of service if an affected
system received a sequence of specially crafted RDP
packets. Microsoft has also received reports of limited,
targeted attacks attempting to exploit this vulnerability. By
default, the Remote Desktop Protocol (RDP) is not enabled
on any Windows operating system.
MS11-066
Vulnerability in Microsoft Chart Control Could Allow
Important

70
Bulletin ID
Summary
Severity & Impact

vulnerability in ASP.NET Chart controls. The vulnerability
could allow information disclosure if an attacker sent a
specially crafted GET request to an affected server hosting
the Chart controls. Note that this vulnerability would not
allow an attacker to execute code or to elevate the
attacker's user rights directly, but it could be used to
retrieve information that could be used to further
compromise the affected system. Only web applications
using Microsoft Chart Control are affected by this issue.
Default installations of the .NET Framework are not
affected.
MS11-068
Vulnerability in Windows Kernel Could Allow Denial
Moderate
of Service (2556532)
Denial of Service

allow denial of service if a user visits a network share (or
visits a Web site that points to a network share) containing
a specially crafted file. In all cases, however, an attacker
would have no way to force a user to visit such a network
share or Web site. Instead, an attacker would have to
convince a user to do so, typically by getting the user to
click a link in an e-mail message or Instant Messenger
message.
July 2011
Bulletin ID
MS11-053
Summary
Severity & Impact
Vulnerability in Bluetooth Stack Could Allow Remote
Critical

vulnerability in the Windows Bluetooth Stack. The
vulnerability could allow remote code execution if an
attacker sent a series of specially crafted Bluetooth packets
to an affected system. An attacker could then install
programs; view, change, or delete data; or create new

71
Bulletin ID
Summary
Severity & Impact
accounts with full user rights. This vulnerability only affects

systems with Bluetooth capability.
MS11-054
Important
This security update resolves 15 privately reported

these vulnerabilities could allow elevation of privilege if an
attacker logged on locally and ran a specially crafted
and be able to log on locally to exploit these vulnerabilities.
MS11-056
Vulnerabilities in Windows Client/Server Run-time
Important
(2507938)
vulnerabilities in the Microsoft Windows Client/Server Runtime Subsystem (CSRSS). The vulnerabilities could allow
elevation of privilege if an attacker logs on to a user's
system and runs a specially crafted application. An attacker
must have valid logon credentials and be able to log on
locally to exploit the vulnerabilities.
June 2011
ID
MS11-038
Summary
Severity & Impact
Vulnerability in OLE Automation Could Allow Remote
Critical

vulnerability in Microsoft Windows Object Linking and
Embedding (OLE) Automation. The vulnerability could allow
remote code execution if a user visits a Web site containing

72
ID
Summary
Severity & Impact
a specially crafted Windows Metafile (WMF) image. In all

cases, however, an attacker would have no way to force
users to visit such a Web site. Instead, an attacker would
have to convince users to visit a malicious Web site,
typically by getting them to click a link in an e-mail
message or Instant Messenger request.
MS11-039
Vulnerability in .NET Framework and Microsoft
Critical
(2514842)
vulnerability in Microsoft .NET Framework and Microsoft
Silverlight. The vulnerability could allow remote code
execution on a client system if a user views a specially
crafted Web page using a Web browser that can run XAML
Browser Applications (XBAPs) or Silverlight applications.
operate with administrative user rights. The vulnerability
could also allow remote code execution on a server system
running IIS, if that server allows processing ASP.NET pages
and an attacker succeeds in uploading a specially crafted
ASP.NET page to that server and then executes the page,
as could be the case in a Web hosting scenario. This
restrictions.
MS11-041
Critical

allow remote code execution if a user visits a network share
(or visits a web site that points to a network share)
containing a specially crafted OpenType font (OTF). In all
cases, however, an attacker would have no way to force a
user to visit such a web site or network share. Instead, an
attacker would have to convince a user to visit the web site
or network share, typically by getting them to click a link in

73
ID
Summary
Severity & Impact
an e-mail message or Instant Messenger message.

MS11-042
Vulnerabilities in Distributed File System Could Allow
Critical

vulnerabilities in the Microsoft Distributed File System
(DFS). The more severe of these vulnerabilities could allow
remote code execution when an attacker sends a specially
crafted DFS response to a client-initiated DFS request. An
execute arbitrary code and take complete control of an
affected system. Firewall best practices and standard
default firewall configurations can help protect networks
from attacks that originate outside the enterprise
perimeter. Best practices recommend that systems that are
connected to the Internet have a minimal number of ports
exposed.
MS11-043
Vulnerability in SMB Client Could Allow Remote Code
Critical
Execution (2536276)

allow remote code execution if an attacker sent a specially
crafted SMB response to a client-initiated SMB request. To
exploit the vulnerability, an attacker must convince the user
to initiate an SMB connection to a specially crafted SMB
server.
MS11-044
Critical

vulnerability in Microsoft .NET Framework. The vulnerability
could allow remote code execution on a client system if a
user views a specially crafted Web page using a Web
browser that can run XAML Browser Applications (XBAPs).

74
ID
Summary
Severity & Impact

restrictions.
MS11-050
Critical
(2530548)
This security update resolves eleven privately reported

views a specially crafted Web page using Internet Explorer.
vulnerabilities could gain the same user rights as the local
user rights on the system could be less impacted than users
who operate with administrative user rights.
MS11-052
Vulnerability in Vector Markup Language Could Allow
Critical

vulnerability in the Microsoft implementation of Vector
Markup Language (VML). This security update is rated
Critical for Internet Explorer 6, Internet Explorer 7, and
Internet Explorer 8 on Windows clients; and Moderate for
Internet Explorer 6, Internet Explorer 7, and Internet
Explorer 8 on Windows servers. Internet Explorer 9 is not
user viewed a specially crafted Web page using Internet
Explorer. Users whose accounts are configured to have
than users who operate with administrative user rights.
MS11-037
Vulnerability in MHTML Could Allow Information
Important

75
ID
Summary
Severity & Impact

vulnerability in the MHTML protocol handler in Microsoft
Windows. The vulnerability could allow information
disclosure if a user opens a specially crafted URL from an
attacker's Web site. An attacker would have to convince the
user to visit the Web site, typically by getting them to
follow a link in an e-mail message or Instant Messenger
message.
MS11-046
Vulnerability in Ancillary Function Driver Could Allow
Important

vulnerability in the Microsoft Windows Ancillary Function
Driver (AFD). The vulnerability could allow elevation of
privilege if an attacker logs on to a user's system and runs
a specially crafted application. An attacker must have valid
logon credentials and be able to log on locally to exploit the
vulnerability.
MS11-047
Vulnerability in Hyper-V Could Allow Denial of Service Important

(2525835)
Denial of Service

vulnerability in Windows Server 2008 Hyper-V and Windows
Server 2008 R2 Hyper-V. The vulnerability could allow
denial of service if a specially crafted packet is sent to the
VMBus by an authenticated user in one of the guest virtual
machines hosted by the Hyper-V server. An attacker must
have valid logon credentials and be able to send specially
crafted content from a guest virtual machine to exploit this
vulnerability. The vulnerability could not be exploited
remotely or by anonymous users.
MS11-048
Vulnerability in SMB Server Could Allow Denial of
Important
Service (2536275)
Denial of Service

allow denial of service if an attacker created a specially
crafted SMB packet and sent the packet to an affected
system. Firewall best practices and standard default firewall

76
ID
Summary
Severity & Impact
configurations can help protect networks from attacks

originating outside the enterprise perimeter that would
attempt to exploit this vulnerability.
MS11-049
Vulnerability in the Microsoft XML Editor Could Allow
Important

vulnerability in Microsoft XML Editor. The vulnerability could
allow information disclosure if a user opened a specially
crafted Web Service Discovery (.disco) file with one of the
affected software listed in this bulletin. Note that this
vulnerability would not allow an attacker to execute code or
to elevate their user rights directly, but it could be used to
produce information that could be used to try to further
compromise the affected system.
MS11-051
Vulnerability in Active Directory Certificate Services
Important
Web Enrollment Could Allow Elevation of Privilege
(2518295)
vulnerability in Active Directory Certificate Services Web
Enrollment. The vulnerability is a cross-site scripting (XSS)
vulnerability that could allow elevation of privilege, enabling
an attacker to execute arbitrary commands on the site in
the context of the target user. An attacker who successfully
exploited this vulnerability would need to send a specially
crafted link and convince a user to click the link. In all
cases, however, an attacker would have no way to force a
user to visit the Web site. Instead, an attacker would have
to persuade a user to visit the Web site, typically by getting
them to click a link in an e-mail message or Instant
Messenger message that takes the user to the vulnerable
Web site.
May 2011
ID
MS11-035
Summary
Vulnerability in WINS Could Allow Remote Code
Severity & Impact

Critical

77
ID
Summary
Execution (2524426)
Severity & Impact


vulnerability in the Windows Internet Name Service
(WINS). The vulnerability could allow remote code
execution if a user received a specially crafted WINS
replication packet on an affected system running the WINS
service. By default, WINS is not installed on any affected
operating system. Only customers who manually installed
this component are affected by this issue.
April 2011
ID
MS11-018
Summary
Severity & Impact
Critical
(2497640)

Internet Explorer. This security update is rated Critical for
Internet Explorer 6, Internet Explorer 7, and Internet
Explorer 8 on Windows clients; and Moderate for Internet
Explorer 6, Internet Explorer 7, and Internet Explorer 8 on
Windows servers. Internet Explorer 9 is not affected by the
vulnerabilities.
The most severe vulnerabilities could allow remote code
execution if a user views a specially crafted Web page using
Internet Explorer. An attacker who successfully exploited
any of these vulnerabilities could gain the same user rights
rights.
MS11-019
Vulnerabilities in SMB Client Could Allow Remote
Critical


78
ID
Summary
Severity & Impact
Microsoft Windows. The more severe of these vulnerabilities

could allow remote code execution if an attacker sent a
specially crafted SMB response to a client-initiated SMB
request. To exploit the vulnerability, an attacker must
convince the user to initiate an SMB connection to a
specially crafted SMB server.
MS11-020
Vulnerability in SMB Server Could Allow Remote Code
Critical
Execution (2508429)

allow remote code execution if an attacker created a
specially crafted SMB packet and sent the packet to an
affected system. Firewall best practices and standard
default firewall configurations can help protect networks
from attacks originating outside the enterprise perimeter
that would attempt to exploit these vulnerabilities.
MS11-027
Critical
(2508272)

Microsoft software. The vulnerabilities could allow remote
code execution if a user views a specially crafted Web page
that instantiates a specific ActiveX control with Internet
Explorer. Users whose accounts are configured to have
than users who operate with administrative user rights. This
update also includes kill bits for three third-party ActiveX
controls.
MS11-028
Critical

vulnerability in Microsoft .NET Framework. The vulnerability
could allow remote code execution on a client system if a
user views a specially crafted Web page using a Web
browser that can run XAML Browser Applications (XBAPs).

79
ID
Summary
Severity & Impact

restrictions.
MS11-029
Vulnerability in GDI+ Could Allow Remote Code
Critical
Execution (2489979)

vulnerability in Microsoft Windows GDI+. The vulnerability
could allow remote code execution if a user viewed a
specially crafted image file using affected software or
browsed a Web site that contains specially crafted content.
MS11-030
Vulnerability in DNS Resolution Could Allow Remote
Critical

vulnerability in Windows DNS resolution. The vulnerability
could allow remote code execution if an attacker gained
access to the network and then created a custom program
to send specially crafted LLMNR broadcast queries to the
target systems. Firewall best practices and standard default
firewall configurations can help protect networks from
attacks that originate outside the enterprise perimeter. Best
practices recommend that systems that are connected to
the Internet have a minimal number of ports exposed. In
this case, the LLMNR ports should be blocked from the
Internet.
MS11-031
Vulnerability in JScript and VBScript Scripting
Critical
Engines Could Allow Remote Code Execution
(2514666)

80
ID
Summary
Severity & Impact

vulnerability in the JScript and VBScript scripting engines.
user visited a specially crafted Web site. An attacker would
have no way to force users to visit the Web site. Instead,
an attacker would have to convince users to visit the Web
site, typically by getting them to click a link in an e-mail
message or Instant Messenger message that takes users to
the attacker's Web site.
MS11-032
Vulnerability in the OpenType Compact Font Format
Critical
(CFF) Driver Could Allow Remote Code Execution
(2507618)
vulnerability in the OpenType Compact Font Format (CFF)
driver. The vulnerability could allow remote code execution
if a user views content rendered in a specially crafted CFF
font. In all cases, an attacker would have no way to force
users to view the specially crafted content. Instead, an
attacker would have to convince users to visit a Web site,
MS11-024
Vulnerabilities in Windows Fax Cover Page Editor
Important
This security update resolves two publicly disclosed

could allow remote code execution if a user opened a
specially crafted fax cover page file (.cov) using the
Windows Fax Cover Page Editor. An attacker who
successfully exploited either of these vulnerabilities could
gain the same user rights as the logged-on user. Users
whose accounts are configured to have fewer user rights on
the system could be less impacted than users who operate
MS11-026
Vulnerability in MHTML Could Allow Information
Important

81
ID
Summary
Severity & Impact

vulnerability in the MHTML protocol handler in Microsoft
Windows. The vulnerability could allow information
disclosure if a user visited a specially crafted Web site. In a
Web-based attack scenario, a Web site could contain a
specially crafted link that is used to exploit this
vulnerability. An attacker would have to convince users to
visit the Web site and open the specially crafted link.
MS11-033
Vulnerability in WordPad Text Converters Could Allow Important


vulnerability in Microsoft Windows. This security update is
rated Important for all supported editions of Windows XP
and Windows Server 2003. All supported editions of
Windows Vista, Windows Server 2008, Windows 7, and
Windows Server 2008 R2 are not affected by the
vulnerability.
user opened a specially crafted file using WordPad. An
MS11-034
Vulnerabilities in Windows Kernel-Mode Drivers Could Important

This security update resolves thirty privately reported

could allow elevation of privilege if an attacker logged on
locally and ran a specially crafted application. An attacker
locally to exploit these vulnerabilities. The vulnerabilities
could not be exploited remotely or by anonymous users.

82
ID
MS11-025
Summary
Vulnerability in Microsoft Foundation Class (MFC)
Library Could Allow Remote Code Execution
(2500212)
Severity & Impact

Important

vulnerability in certain applications built using the Microsoft
Foundation Class (MFC) Library. The vulnerability could
allow remote code execution if a user opens a legitimate file
associated with such an affected application, and the file is
located in the same network folder as a specially crafted
library file. For an attack to be successful, a user must visit
an untrusted remote file system location or WebDAV share
and open a document from this location that is then loaded
by the affected application.
March 2011
ID
MS11-015
Summary
Severity & Impact
Vulnerabilities in Windows Media Could Allow Remote
Critical

vulnerability in DirectShow and one privately reported
vulnerability in Windows Media Player and Windows Media
Center. The more severe of these vulnerabilities could allow
remote code execution if a user opens a specially crafted
Microsoft Digital Video Recording (.dvr-ms) file. In all cases,
a user cannot be forced to open the file; for an attack to be
successful, a user must be convinced to do so.
MS11-017
Vulnerability in Remote Desktop Client Could Allow
Important

vulnerability in Windows Remote Desktop Client. The
opens a legitimate Remote Desktop configuration (.rdp) file
located in the same network folder as a specially crafted

83
ID
Summary
Severity & Impact
library file. For an attack to be successful, a user must visit

an untrusted remote file system location or WebDAV share
and open a document from this location that is then loaded
by a vulnerable application.
February 2011
ID
MS11-003
Summary
Severity & Impact
Critical
(2482017)

vulnerabilities and two publicly disclosed vulnerabilities in
Internet Explorer. The vulnerabilities could allow remote
code execution if a user views a specially crafted Web page
using Internet Explorer or if a user opens a legitimate HTML
file that loads a specially crafted library file. An attacker
who successfully exploited any of these vulnerabilities could
MS11-006
Vulnerability in Windows Shell Graphics Processing
Critical

vulnerability in the Windows Shell graphics processor. The
views a specially crafted thumbnail image. An attacker who
successfully exploited this vulnerability could gain the same
user rights as the logged-on user. Users whose accounts
MS11-007
Vulnerability in the OpenType Compact Font Format
Critical
(CFF) Driver Could Allow Remote Code Execution
(2485376)

84
ID
Summary
Severity & Impact
vulnerability in the Windows OpenType Compact Font

Format (CFF) driver. The vulnerability could allow remote
code execution if a user views content rendered in a
specially crafted CFF font. In all cases, an attacker would
have no way to force users to view the specially crafted
content. Instead, an attacker would have to convince users
to visit a Web site, typically by getting them to click a link
in an e-mail message or Instant Messenger message that
takes users to the attacker's Web site.
MS11-004
Vulnerability in Internet Information Services (IIS)
Important
FTP Service Could Allow Remote Code Execution
(2489256)
vulnerability in Microsoft Internet Information Services (IIS)
FTP Service. The vulnerability could allow remote code
execution if an FTP server receives a specially crafted FTP
command. FTP Service is not installed by default on IIS.
MS11-005
Vulnerability in Active Directory Could Allow Denial of
Important
Service (2478953)
Denial of Service

vulnerability in Active Directory. The vulnerability could
allow denial of service if an attacker sent a specially crafted
packet to an affected Active Directory server. The attacker
must have valid local administrator privileges on the
domain-joined computer in order to exploit this
vulnerability.
MS11-009
Vulnerability in JScript and VBScript Scripting
Important
Engines Could Allow Information Disclosure
(2475792)
vulnerability in the JScript and VBScript scripting engines.
The vulnerability could allow information disclosure if a user
visited a specially crafted Web site. An attacker would have
no way to force users to visit these Web sites. Instead, an
attacker would have to convince users to visit the Web site,

85
ID
Summary
Severity & Impact

MS11-010
Important
(2476687)
vulnerability in the Microsoft Windows Client/Server Runtime Subsystem (CSRSS) in Windows XP and Windows
Server 2003.
attacker logs on to a user's system and starts a specially
crafted application that continues running after the attacker
logs off in order to obtain the logon credentials of
subsequent users. An attacker must have valid logon
vulnerability. The vulnerability could not be exploited
remotely or by anonymous users.
MS11-011
Important

Microsoft Windows. The vulnerabilities could allow elevation
of privilege if an attacker logged on locally and ran a
specially crafted application. An attacker must have valid
logon credentials and be able to log on locally to exploit
these vulnerabilities. The vulnerabilities could not be
exploited remotely or by anonymous users.
MS11-012
Vulnerabilities in Windows Kernel-Mode Drivers Could Important


could allow elevation of privilege if an attacker logged on
locally and ran a specially crafted application. An attacker
locally to exploit these vulnerabilities. The vulnerabilities

86
ID
Summary
Severity & Impact
could not be exploited remotely or by anonymous users.

MS11-013
Vulnerabilities in Kerberos Could Allow Elevation of
Important
Privilege (2496930)

Microsoft Windows. The more severe of these vulnerabilities
could allow elevation of privilege if a local, authenticated
attacker installs a malicious service on a domain-joined
computer.
MS11-014
Vulnerability in Local Security Authority Subsystem
Important
Service Could Allow Local Elevation of Privilege
(2478960)
vulnerability in the Local Security Authority Subsystem
Service (LSASS) in Windows XP and Windows Server 2003.
attacker logs on to a system and runs a specially crafted
and be able to log on locally to exploit this vulnerability.
The vulnerability could not be exploited remotely or by
anonymous users.
January 2011
ID
MS11-002
Summary
Severity & Impact
Vulnerabilities in Microsoft Data Access Components
Critical

vulnerabilities in Microsoft Data Access Components. The
views a specially crafted Web page. An attacker who
successfully exploited this vulnerability could gain the same
user rights as the local user. Users whose accounts are
configured to have fewer user rights on the system could be

87
ID
Summary
Severity & Impact
less impacted than users who operate with administrative

user rights.
MS11-001
Vulnerability in Windows Backup Manager Could
Important

vulnerability in Windows Backup Manager. The vulnerability
legitimate Windows Backup Manager file that is located in
the same network directory as a specially crafted library
file. For an attack to be successful, a user must visit an
untrusted remote file system location or WebDAV share and
open the legitimate file from that location, which in turn
could cause Windows Backup Manager to load the specially
crafted library file.
Windows Updates Recommended Microsoft

Customers are recommended to apply the following Windows Updates on Windows 2008
and on systems which are supported by Microsoft Service Pack releases that are listed in the
Error! Reference source not found..
Please note, that the list of Windows updates is based on Windows Server 2008 R2 Service
Pack 1 (which is supported with version 11.1).
Update for Microsoft .NET Framework 3.5.1 on Windows 7 and

Windows Server 2008 R2 SP1 for x64-based Systems (KB2836942)
Critical Updates

Critical Updates
Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista,

Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939)
Critical Updates
Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64based Systems (KB973688)
Critical Updates
Update for Windows Server 2008 R2 x64 Edition (KB2506014)
Critical Updates

88
Critical Updates
Critical Updates
Critical Updates
Critical Updates
Critical Updates
Critical Updates
Critical Updates
Microsoft .NET Framework 4 for Windows Server 2008 R2 x64-based

Systems (KB982671)
Feature Packs
Cumulative Security Update for ActiveX Killbits for Windows Server

2008 R2 x64 Edition (KB2900986)
Security Updates
Cumulative Security Update for Internet Explorer 9 for Windows

Server 2008 R2 x64 Edition (KB2925418)
Security Updates
MSXML 6.0 RTM Security Update (925673)
Security Updates
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7

and Windows Server 2008 R2 for x64-based Systems (KB2832414)
Security Updates

and Windows Server 2008 R2 for x64-based Systems (KB2861191)
Security Updates

and Windows Server 2008 R2 SP1 for x64-based Systems
(KB2604115)
Security Updates

(KB2656356)
Security Updates

(KB2729452)
Security Updates

(KB2736422)
Security Updates

(KB2742599)
Security Updates

89

(KB2756921)
Security Updates

(KB2789645)
Security Updates

(KB2840631)
Security Updates

(KB2844286)
Security Updates

(KB2861698)
Security Updates

(KB2863240)
Security Updates

(KB2898857)
Security Updates

(KB2901112)
Security Updates

(KB2911501)
Security Updates
Security Update for Microsoft .NET Framework 4 on Windows XP,

Windows Server 2003, Windows Vista, Windows 7, Windows Server
2008, Windows Server 2008 R2 for x64-based Systems (KB2487367)
Security Updates
Security Update for Microsoft .NET Framework 4 on XP, Server 2003,

Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2604121)
Security Updates

Security Updates

Security Updates
Security Updates

90

Security Updates

Security Updates

Security Updates

Security Updates

Security Updates

Security Updates
Security Update for Microsoft Office 2003 Web Components for the
2007 Microsoft Office System (KB947318)
Security Updates
Security Update for Microsoft Visual C++ 2005 Service Pack 1

Redistributable Package (KB2538242)
Security Updates
Security Update for Microsoft Visual C++ 2008 Service Pack 1

Redistributable Package (KB2538243)
Security Updates
Security Update for Microsoft Visual C++ 2010 Redistributable

Package (KB2467173)
Security Updates
Security Update for Microsoft Visual Studio 2008 (KB972221)
Security Updates
Security Update for Microsoft Visual Studio 2008 Service Pack 1

(KB2669970)
Security Updates
Security Update for Microsoft Visual Studio 2008 Service Pack 1

(KB972222)
Security Updates
Security Update for Microsoft Visual Studio 2008 Service Pack 1 XML
Editor (KB2251487)
Security Updates
Security Update for Microsoft XML Core Services 4.0 Service Pack 2 for
x64-based Systems (KB954430)
Security Updates
Security Update for Report Viewer Redistributable 2008 (KB971118)
Security Updates
Security Update for Report Viewer Redistributable 2008 Service Pack 1

(KB971119)
Security Updates

91
Security Update for Windows Server 2008 R2 x64 Edition

(KB2425227)
Security Updates

(KB2479943)
Security Updates

(KB2506212)
Security Updates

(KB2509553)
Security Updates

(KB2511455)
Security Updates

(KB2536275)
Security Updates

(KB2536276)
Security Updates

(KB2544893)
Security Updates

(KB2560656)
Security Updates

(KB2564958)
Security Updates

(KB2570947)
Security Updates

(KB2584146)
Security Updates

(KB2585542)
Security Updates

(KB2620704)
Security Updates

(KB2621440)
Security Updates

(KB2631813)
Security Updates

(KB2643719)
Security Updates

92

(KB2653956)
Security Updates

(KB2654428)
Security Updates

(KB2655992)
Security Updates

(KB2667402)
Security Updates

(KB2676562)
Security Updates

(KB2685939)
Security Updates

(KB2690533)
Security Updates

(KB2691442)
Security Updates

(KB2698365)
Security Updates

(KB2705219)
Security Updates

(KB2706045)
Security Updates

(KB2712808)
Security Updates

(KB2719033)
Security Updates

(KB2727528)
Security Updates

(KB2743555)
Security Updates

(KB2757638)
Security Updates

(KB2758857)
Security Updates

93

(KB2765809)
Security Updates

(KB2770660)
Security Updates

(KB2772930)
Security Updates

(KB2785220)
Security Updates

(KB2803821)
Security Updates

(KB2807986)
Security Updates

(KB2813347)
Security Updates

(KB2813430)
Security Updates

(KB2834886)
Security Updates

(KB2835364)
Security Updates

(KB2839894)
Security Updates

(KB2840149)
Security Updates

(KB2847311)
Security Updates

(KB2847927)
Security Updates

(KB2849470)
Security Updates

(KB2853587)
Security Updates

(KB2855844)
Security Updates

94

(KB2861855)
Security Updates

(KB2862152)
Security Updates

(KB2862330)
Security Updates

(KB2862335)
Security Updates

(KB2862966)
Security Updates

(KB2862973)
Security Updates

(KB2864058)
Security Updates

(KB2864202)
Security Updates

(KB2868038)
Security Updates

(KB2868623)
Security Updates

(KB2868626)
Security Updates

(KB2868725)
Security Updates

(KB2872339)
Security Updates

(KB2875783)
Security Updates

(KB2876284)
Security Updates

(KB2876331)
Security Updates

(KB2884256)
Security Updates

95

(KB2887069)
Security Updates

(KB2892074)
Security Updates

(KB2893294)
Security Updates

(KB2916036)
Security Updates

(KB2929961)
Security Updates

(KB2930275)
Security Updates
Security Update for Windows Vista, Windows 7, Server 2008, Server

2008 R2 (KB2917500)
Security Updates
Update Rollups
Windows Internet Explorer 9 for Windows Server 2008 R2 for x64based Systems
Update Rollups
Windows Malicious Software Removal Tool x64 - March 2014

(KB890830)
Update Rollups
Update for Kernel-Mode Driver Framework version 1.11 for Windows

Updates
Update for Microsoft .NET Framework 4 on Windows XP, Windows

Server 2003, Windows Vista, Windows 7, Windows Server 2008,
Windows Server 2008 R2 for x64-based Systems (KB2468871)
Updates
Update for Microsoft .NET Framework 4 on Windows XP, Windows

Server 2003, Windows Vista, Windows 7, Windows Server 2008,
Windows Server 2008 R2 for x64-based Systems (KB2533523)
Updates

Updates

Updates
Update for User-Mode Driver Framework version 1.11 for Windows

Updates
Update for Windows Server 2008 R2 for x64-based Systems
Updates

96
(KB2830477)
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates

97
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates
Updates

Critical Updates

98

Critical Updates

Critical Updates

99

Verint Witness Impact 360 Third Party Certification Report

Enviado por

Dados do documento

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

Verint Witness Impact 360 Third Party Certification Report

Enviado por

Direitos autorais:

Formatos disponíveis

Impact 360

Third Party Certification Report

1992 2014 Verint Systems Inc. All Rights Reserved Worldwide.

Third Party Certification Report

Third Party Certification

Scope and Intended Audience

The Microsoft updates certification is also relevant for all Impact360

Verints Policy Regarding Updates

Updates Not Recommended

Non Approved Security Updates

Impact 360 Third Party Certification Report

Third Party Certification Report

Microsoft Security Updates & Windows Updates

Apache HTTP Server

Verint Guidance on Security Updates

Updates Not Recommended

Non Approved Security Updates

Verint Guidance on Security Updates

Impact 360 Third Party Certification Report

Third Party Certification Report

Security Updates Recommended Microsoft

Windows Updates Recommended Microsoft

Apache HTTP Server for Cognos

Non Approved Security Updates

Verint Guidance on Security Updates

Impact 360 Third Party Certification Report

Third Party Certification Report

Verint Guidance on Security Updates

KB2661254 - Verify Certificate Key Length in SSL Enabled Systems

Impact 360 Third Party Certification Report

Third Party Certification Report

Verint Guidance on Security Updates

JRE & Apache Tomcat Updates

For V11.1 SP1: Install KB115932

For V11.1 SP0: Install KB112620

For V11.0 SP1: Install KB107127

For U10 (all versions): Install U100_8826

Impact 360 Third Party Certification Report

Third Party Certification Report

Verint Guidance on Security Updates

Impact 360 Third Party Certification Report

Third Party Certification Report

Verint Guidance on Security Updates

The third party update tool is provided on a monthly basis,

Latest Certified Updates for Impact360 & KMS Servers

Apache Tomcat 6.0.37

Impact 360 Third Party Certification Report

Third Party Certification Report

Verint Guidance on Security Updates

Apache HTTP Server for Cognos

V11.0 SP1 and V11.1 SP0

HTTP Server 2.0.64

V11.1 SP1 HFR2 and

HTTP Server 2.2.25

For Verint Internal user, please use

Non Approved Security Updates

Severity & Impact

Impact 360 Third Party Certification Report

Third Party Certification Report

Verint Guidance on Security Updates

Security Updates Recommended Microsoft

Bulletin Title and Executive Summary

Cumulative Security Update for Internet Explorer (2925418)

This security update resolves one publicly disclosed vulnerability and