Login to myLSU

CIO  |  IT Security & Policy  |  LONI  |  LOUIS  |  UIS  |  UNI  |  USS  |  MDAC  |  Moodle
IT Security & Policy
ITS  >  IT Security & Policy  >  Announcements
Microsoft and Adobe Updates for April 2012

Microsoft Updates

Microsoft released 6 security bulletins (4 rated critical and 2 rated important) that address 7 vulnerabilities in Microsoft products.

The following two updates should be applied as soon as possible because they pose the greatest risk

  • MS12-027 (Windows Common Controls): This security update resolves a CVE in the MSCOMCTL.OCX ActiveX control, which could allow remote code execution if a user visits a website containing specially crafted content designed to exploit the vulnerability.
  • MS12-023 (Internet Explorer): This security update resolves five CVEs in Internet Explorer, which could allow a third party to gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

LSU computers will download and install the updates as scheduled by either its group policy or local security center settings. Remember to close all applications at the end of work day today because several updates require a reboot to complete installation.

More information on the Microsoft bulletins – http://technet.microsoft.com/en-us/security/bulletin/ms12-apr


Adobe Updates

Adobe released a security bulletin that address critical vulnerabilities in Adobe Reader and Acrobat. Users should update to the latest supported versions.

The vulnerability affects the following versions of Adobe Reader and Acrobat.

  • Adobe Reader X (10.1.2) and earlier 10.x versions for Windows and Macintosh (Priority 2)
  • Adobe Reader 9.5 and earlier 9.x versions for Windows and Macintosh (Priority 1)
  • Adobe Reader 9.5 and earlier 9.x versions for Macintosh (Priority 2)
  • Adobe Reader 9.4.6 and earlier 9.x versions for Linux (Priority 2)
  • Adobe Acrobat X (10.1.2) and earlier 10.x versions for Windows and Macintosh (Priority 2)
  • Adobe Acrobat 9.5 and earlier 9.x versions for Windows (Priority 1)
  • Adobe Acrobat 9.5 and earlier 9.x versions for Macintosh (Priority 2)

Priority Level Definitions

  • Priority 1: This update resolves vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild for a given product version and platform. Adobe recommends administrators install the update as soon as possible. (for instance, within 72 hours).
  • Priority 2: This update resolves vulnerabilities in a product that has historically been at elevated risk. There are currently no known exploits. Adobe recommends administrators install the update soon (for instance, within 30 days).

Adobe recommends users of Adobe Reader X and Acrobat X 10.1.2 and earlier versions for Windows and Macintosh update to 10.1.3. Users of Adobe Reader and Acrobat 9.5 and earlier versions for Windows, Macintosh, and Linux should update to 9.5.1. Departments participating in the Secunia Service from ITS will receive the update for Windows through WSUS when it becomes available. To learn more about the Secunia Service visit https://its-secunia.lsu.edu

More information on Adobe's Security Bulletin APSB12-08 - http://www.adobe.com/support/security/bulletins/apsb12-08.html

This announcement posted Tuesday, April 10, 2012

Information Technology Services

Louisiana State University

200 Frey Computing Services

Baton Rouge, LA 70803

Telephone: (225) 578-3700

Fax: (225) 578-6400

Send Comments or Questions about this site to the Webmaster
Copyright © 2013. All Rights Reserved. Official Web Page of Louisiana State University.