Some quite interesting vulnerabilities this month, very weaponizable issues.

We highly recommend pushing patches and ET Pro signature detection asap!

 

BulletinCVETitleNotesET Pro Coverage
MS12-008CVE-2012-1054Keyboard Layout User After Free VulnerabilityLocal OnlyNot IDS Coverable
MS12-008CVE-2011-5046GDI Access Violation VulnerabilityDifficult to Exploit 2804510
MS12-009CVE-2012-0148AfdPoll Elevation of Privilege Vulnerability Local OnlyNot IDS Coverable
MS12-009CVE-2012-0149Ancillary Function Driver Elevation of Privilege VulnerabilityLocal OnlyNot IDS Coverable
MS12-010CVE-2012-0011HtmlLayout Remote Code Execution Vulnerability Exploitation Likely, HTML Driveby 2804511
MS12-010CVE-2012-0012Null Byte Information Disclosure VulnerabilityInformation Disclosure Only2804521
MS12-010CVE-2012-0155VML Remote Code Execution Vulnerability  Exploitation Likely, HTML Driveby 2804511
MS12-011CVE-2012-0017XSS in inplview.aspx2804512
MS12-011CVE-2012-0144XSS in themeweb.aspx2804513
MS12-011CVE-2012-0145XSS in wizardlist.aspx2804514
MS12-012CVE-2010-5082Color Control Panel (colorui.dll) Insecure Library LoadingPublicly Disclosed and Exploitable 2804516-2804520
MS12-013CVE-2012-0150Msvcrt.dll buffer overflow vulnerabilityExploitation Likely2804515
MS12-014CVE-2010-3138Indeo Audio Codec Insecure Library Loading VulnerabilityExploitation Likely, Publicly DisclosedPreviously Covered in 2801601 
MS12-015CVE-2012-0019VSD File Format Memory Corruption (2)Exploitation LikelyContinuing Research
MS12-015CVE-2012-0020VSD File Format Memory Corruption (3)Exploitation Likely2804523 (to be released)
MS12-015CVE-2012-0136VSD File Format Memory Corruption (4)Difficult to Exploit2804524 (to be released)
MS12-015CVE-2012-0137VSD File Format Memory Corruption (5)Difficult to ExploitContinuing Research
MS12-015CVE-2012-0138VSD File Format Memory Corruption (6)Difficult to ExploitContinuing Research
MS12-016CVE-2012-0014.NET Framework Unmaged Objects VulnerabilityExploitation Likely2804507
MS12-016CVE-2012-0015.NET Framework Heap Corruption VulnerabilityExploitation Likely2804508-2804509