Microsoft released nine bulletins yesterday, including a patch for MS Security Advisory (2719615), which Microsoft put out on the same day of last month’s bulletin release. Although we have not seen an increase in attacks utilizing the said vulnerability, we found several exploit codes and wrote detailed analyses on these.
Trend Micro Deep Security and OfficeScan with Intrusion Defense Firewall (IDF) plugin users have been protected since the advisory was put out. The rule 1005061 – Microsoft XML Core Services Remote Code Execution Vulnerability (CVE-2012-1889) actively protects from attacks attempting to exploit the Microsoft XML Core Services vulnerability.
In other vulnerability news, we are also shipping out the rule 1004968 – Microsoft .NET Framework Tilde Character Denial of Service Vulnerability that protects against possible attacks that may use the yet-to-be-patched Microsoft IIS tilde character vulnerability. The vulnerability may result in a denial of service (DoS) if successfully exploited.
More information on the bulletins and the corresponding Deep Security/IDF rules are found in this Threat Encyclopedia page.