FW: ADVANCE NOTIFICATION - December 2012 Microsoft Security Bulletin Release

["Jacobson, Dick" <dick.jacobson () NDUS EDU>]

Fyi ..

From: Jordan Franzen [mailto:jofran () microsoft com]
Sent: Thursday, December 06, 2012 12:48 PM
To: Kloberdanz, Rosi; Battagler, Cameron; Walker, William; Jacobson, Dick; Underwood, John
Subject: ADVANCE NOTIFICATION - December 2012 Microsoft Security Bulletin Release

What is the purpose of this alert?

As part of the monthly security bulletin release cycle, Microsoft provides advance notification to our customers on the 
number of new security updates being released, the products affected, the aggregate maximum severity, and information 
about detection tools relevant to the update. This is intended to help our customers plan for the deployment of these 
security updates more effectively.

On December 11, 2012, Microsoft is planning to release seven new security bulletins. Below is a summary.

New Bulletin Summary

Bulletin ID

Maximum Severity Rating

Vulnerability Impact

Restart Requirement

Affected Software*

Bulletin 1

Critical

Remote Code Execution

Restart required

Internet Explorer on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 
2008 R2, Windows 8, Windows Server 2012, and Windows RT.

Bulletin 2

Critical

Remote Code Execution

Restart required

Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, 
Windows Server 2012, and Windows RT.

Bulletin 3

Critical

Remote Code Execution

May require restart

Microsoft Word 2003, Word 2007, Word 2010, Word Viewer, Office Compatibility Pack, SharePoint Server 2010, and Office 
Web Apps 2010.

Bulletin 4

Critical

Remote Code Execution

May require restart

Microsoft Exchange Server 2007 and Exchange Server 2010.

Bulletin 5

Critical

Remote Code Execution

Restart required

Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.

Bulletin 6

Important

Remote Code Execution

Restart required

Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and 
Windows Server 2012.

Bulletin 7

Important

Security Feature Bypass

Restart required

Windows Server 2008 R2 and Windows Server 2012.


* The list of affected software in the summary table is an abstract. To see the full list of affected components please 
click on the "Advance Notification Webpage" link below and review the "Affected Software" section.


Although we do not anticipate any changes, the number of bulletins, products affected, restart information, and 
severities are subject to change until released.

Advance Notification Webpage: The full version of the Microsoft Security Bulletin Advance Notification for this month 
can be found at http://technet.microsoft.com/security/bulletin/ms12-dec.

Microsoft Windows Malicious Software Removal Tool: Microsoft will release an updated version of the Microsoft Windows 
Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download 
Center.

Monthly Security Bulletin Webcast: To address customer questions on these bulletins Microsoft will host a webcast next 
Wednesday, December 12, 2012, at 11:00 A.M. Pacific Time (U.S. and Canada). Registration for this event and other 
details can be found at http://technet.microsoft.com/security/bulletin/.

At this time, no additional information on these bulletins, such as details regarding the vulnerability or severity, 
will be made available until the bulletins are published on Tuesday.


Regarding Information Consistency

We strive to provide you with accurate information in static (this mail) and dynamic (web-based) content. Microsoft's 
security content posted to the web is occasionally updated to reflect late-breaking information. If this results in an 
inconsistency between the information here and the information in Microsoft's web-based security content, the 
information in Microsoft's web-based security content is authoritative.

If you have any questions regarding this alert please contact your Technical Account Manager.

Thank you,
Microsoft CSS Security Team


Jordan Franzen
Technical Account Manager, Microsoft Premier National, Public Sector
jofran () microsoft com<mailto:jofran () microsoft com> | Office: 701-281-6963 | Mobile: 701-541-7110

Incident Support:  (800) 936-3100 or (425) 454-7946
Microsoft Premier Online: https://premier.microsoft.com<https://premier.microsoft.com/>