-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Awareness System Technical Cyber Security Alert TA12-101A Microsoft Updates for Multiple Vulnerabilities Original release date: April 10, 2012 Last revised: -- Source: US-CERT Systems Affected * Microsoft Windows * Microsoft Internet Explorer * Microsoft .NET Framework * Microsoft Office * Microsoft Server Software * Microsoft SQL Server * Microsoft Developer Tools * Microsoft Forefront United Access Gateway Overview There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Microsoft Office, Microsoft Server Software, Microsoft SQL Server, Microsoft Developer Tools, and Microsoft Forefront United Access Gateway. Microsoft has released updates to address these vulnerabilities. Description The Microsoft Security Bulletin Summary for April 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. Solution Apply updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for April 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates. References * Microsoft Security Bulletin Summary for April 2012 - <http://technet.microsoft.com/en-us/security/bulletin/ms12-apr> * Microsoft Windows Server Update Services - <http://technet.microsoft.com/en-us/wsus/default.aspx> * Microsoft Update - <https://www.update.microsoft.com/> * Microsoft Update Overview - <http://www.microsoft.com/security/updates/mu.aspx> * Turn Automatic Updating On or Off - <http://windows.microsoft.com/en-us/windows-vista/Turn-automatic-updating-on-or-off> Revision History April 10, 2012: Initial release ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@xxxxxxxx> with "TA12-101A Feedback VU#507275" in the subject. ____________________________________________________________________ Produced by US-CERT, a government organization. ____________________________________________________________________ This product is provided subject to the Notification as indicated here: http://www.us-cert.gov/legal.html#notify This document can also be found at http://www.us-cert.gov/cas/techalerts/TA12-101A.html For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBT4R9vT/GkGVXE7GMAQJ9Kwf+KD4RrpgeT6CAAgILeIFesdYAGWvVBkS2 2HvmfVPJzwddWuPq66BHM+gfHHSIQ7l2zySp7U/pmAzAJ4xmsxg0Jog+R4IfOcDG qRUprowI1Uf6hdSZbsQz2Z3KJgcs3DrT7WxgTmbFVk7ezlkFUO1dn+hcAlmWSRzU nKjZBFOswTQqhrOIHit8BxKewt5vD4qwx37Rm2d8QrVaqohf40ih15ArK+VonU4b MB29KEtcNDKoaCRVBiKj1rgiGuLCVhYoz7aPq3ey4zTnFtqkU4zZR4hv+FaUJ4kO 2UCQzfsnMp3JDY+K68E+AchH0PtYOi2T5Dp3gtqdleaxr+tWOdShRg== =Iv8O -----END PGP SIGNATURE-----