Microsoft Updates

Microsoft released 7 security bulletins (3 rated critical and 4 rated important) that address 26 vulnerabilities in Microsoft Windows, Internet Explorer, Dynamics AX, Microsoft Lync, and the .NET Framework.

Make sure the following two *Critical* updates are applied on your systems.

MS12-037 (Internet Explorer): This security update addresses 13 issues affecting all supported versions of IE. The maximum severity for these issues is Critical and could result in remote code execution.
MS12-036 (RDP): This security update addresses one Critical issue affecting all supported versions of Microsoft Windows that could result in remote code execution. Attack vectors for this issue include maliciously crafted websites and email.

LSU computers will download and install the updates as scheduled by either its group policy or local security center settings. Remember to close all applications at the end of work day today because several updates require a reboot to complete installation.

More information on the Microsoft bulletins – http://technet.microsoft.com/en-us/security/bulletin/ms12-jun


Adobe Updates

Adobe released 2 security bulletins that address critical vulnerabilities in Adobe ColdFusion and Flash Player. Users should update to the latest supported versions. A Secunia package will be created for Adobe Flash Players when available, and will be deployed to computers subscribed to the LSU Secunia CSI service.

Security bulletins from Adobe

• APSB12-14 Priority 2 security update for Adobe Flash Player (http://www.adobe.com/support/security/bulletins/apsb12-14.html)
• APSB12-15 Priority 2 security update for Adobe Coldfusion (http://www.adobe.com/support/security/bulletins/apsb12-15.html)

Priority Level Definitions

• Priority 1: This update resolves vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild for a given product version and platform. Adobe recommends administrators install the update as soon as possible. (for instance, within 72 hours).
• Priority 2: This update resolves vulnerabilities in a product that has historically been at elevated risk. There are currently no known exploits. Adobe recommends administrators install the update soon (for instance, within 30 days).
• Priority 3: This update resolves vulnerabilities in a product that has historically not been a target for attackers. Adobe recommends administrators install the update at their discretion.