Office Sicherheitsupdates für August 2012 [MS12-057, MS12-059 und MS12-060] erschienen

Microsoft hat im Rahmen des heutigen Microsoft Patch Day für August 2012, neben Junk-E-Mail-Filter Updates für Outlook 2003, Outlook 2007 und Outlook 2010 und fünf Sicherheitsbulletins für die Systemkomponenten von Windows und Internet Explorer, auch drei Sicherheitsbulletins für Office veröffentlicht und zum Download bereitgestellt. Betroffen sind Office 2003, 2007 und 2010 sowie Visio 2010 und Visio Viewer 2010. Die August 2012 Sicherheitsupdates wurden am 14. August 2012 veröffentlicht.

Office Sicherheitsupdates für August 2012 herunterladen

Die folgenden Updates stehen im Download Center zum Download bereit:

• MS12-057 - Vulnerability in Microsoft Office Could Allow Remote Code Execution (2731879)
  This security update resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted file or embeds a specially crafted Computer Graphics Metafile (CGM) graphics file into an Office file. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS12-059 - Vulnerability in Microsoft Visio Could Allow Remote Code Execution (2733918)
  This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• MS12-060 - Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2720573)
  This security update resolves a privately reported vulnerability in Windows common controls. The vulnerability could allow remote code execution if a user visits a website containing specially crafted content designed to exploit the vulnerability. In all cases, however, an attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker's website. The malicious file could be sent as an email attachment as well, but the attacker would have to convince the user to open the attachment in order to exploit the vulnerability.

Alle Benutzer werden aufgefordert die verfügbaren Updates so schnell wie möglich zu installieren, entweder über die in Windows integrierte Update-Funktion oder durch den manuellen Download über den Download Center.

Weitere Microsoft-Updates von 14. August 2012

• Microsoft Patch Day August 2012 - Neun Security Bulletins angekündigt
• Sicherheitsupdate für Office 2010 (KB2589322) erschienen
• Sicherheitsupdate für Office 2010 (KB2553260) erschienen
• Sicherheitsupdate für Office 2007 (KB2596615) erschienen
• Sicherheitsupdate für Office 2007 (KB2596754) erschienen
• Sicherheitsupdate für Visio 2010 (KB2553374) erschienen
• Sicherheitsupdate für Office 2010 (KB2597986) erschienen
• Sicherheitsupdate für Office 2007 (KB2687441) erschienen
• Sicherheitsupdate für Office 2003 (KB2687323) erschienen
• Windows Sicherheitsupdates für August 2012 erschienen
• Internet Explorer 9.0.9 steht zum Download bereit
• Update für Office 2010 (KB2553272) erschienen
• Update für Office 2010 (KB2598289) erschienen
• Outlook 2003 Junk-E-Mail-Filter Update für August 2012 (KB2687403)
• Outlook 2007 Junk-E-Mail-Filter Update für August 2012 (KB2687400)
• Outlook 2010 Junk-E-Mail-Filter Update für August 2012 (KB982726)
• Windows-Tool zum Entfernen bösartiger Software Version 4.11 erschienen

Microsoft Patch Day für August 2012 - Weitere Infos

• Microsoft Security Bulletin Summary for August 2012
  This bulletin summary lists security bulletins released for August 2012.
  http://technet.microsoft.com/en-us/security/bulletin/ms12-aug
• TechNet Blogs > MSRC > August 2012 Bulletin Release
  For this Update Tuesday we are releasing nine security bulletins - five Critical-class and four Important – addressing 26 vulnerabilities in Windows, Internet Explorer, Exchange, SQL Server, Server Software, Developer Tools, and Office.
  http://blogs.technet.com/b/msrc/archive/2012/08/14/august-2012-security-updates.aspx
• TechNet Blogs > August 2012 Office Update Release
  The August 2012 Public Update release for Office is now live and the updates are available for download. This release contains four security bulletins and seven non-security updates.
  http://blogs.technet.com/b/office_sustained_engineering/archive/2012/08/14/august-2012-office-update-release.aspx

Microsoft fordert die Benutzer auf die verfügbaren Updates so schnell wie möglich zu installieren, entweder über die in Windows integrierte Update-Funktion oder durch den manuellen Download über das Download Center.