
Impact 360

Third Party Certification Report


Document Revision 1.02

March 2014

© 1992-2014 Verint Systems Inc. All Rights Reserved Worldwide.


Confidential and Proprietary Information of Verint Systems Inc.
All materials (regardless of form and including, without limitation, software applications,
documentation, and any other information relating to Verint Systems, its products or
services) are the exclusive property of Verint Systems Inc. Only expressly authorized
individuals under obligations of confidentiality are permitted to review materials in this
document. By reviewing these materials, you agree to not disclose these materials to any
third party unless expressly authorized by Verint Systems, and to protect the materials as
confidential and trade secret information. Any unauthorized review, retransmission,
dissemination or other use of these materials is strictly prohibited. If you are not
authorized to review these materials, please return these materials (and any copies) from
where they were obtained. All materials found herein are provided AS IS and without
warranty of any kind.
Verint Systems Inc. does not warrant, guarantee or make any representation regarding
the use or the results of the use of the information, links, tools, and materials in terms of
the accuracy, reliability, quality, validity, stability, completeness, currentness, or
otherwise of its content or products. The entire risk as to the use, results and performance
of information, links, tools and materials provided or referenced herein is assumed by the
user. Verint Systems Inc. shall not be liable for damages resulting from the use, misuse
or unlawful use of the information, links, tools, and materials contained or referenced
herein.
Any third party technology that may be appropriate or necessary for use with the Verint
Product is licensed to you only for use with the Verint Product under the terms of the third
party license agreement specified in the Documentation, the Software or as provided
online at http://verint.com/thirdpartylicense. You may not take any action that would
separate the third party technology from the Verint Product. Unless otherwise permitted
under the terms of the third party license agreement, you agree to only use the third
party technology in conjunction with the Verint Product.
The Verint Systems Inc. products are protected by one or more U.S., European or
International Patents and other U.S. and International Patents and Patents Pending.
All marks referenced herein with the ® or ™ symbol are registered trademarks or
trademarks of Verint Systems Inc. or its subsidiaries. All rights reserved. All other marks
are trademarks of their respective owners.
Visit our website at www.verint.com/intellectualpropertynotice for updated information on
Verint Intellectual Property.
Published March 25, 2014 7:46 PM
**NOTICE: April Release will be on April 28th and not April 22nd.

Contents
Introduction
Scope and Intended Audience
Verint's Policy Regarding Updates
Updates Recommended
Updates Not Recommended
Non Approved Security Updates
Verint Guidance on Security Updates
Post-Installation Requirements
Security Updates Recommended - Microsoft
Windows Updates Recommended - Microsoft
JRE & Apache Tomcat Updates
Apache HTTP Server for Cognos
Non Approved Security Updates

Third Party Certification Report
This document describes Verint's policy and position related to Third Party Certification.

Introduction
This cumulative bulletin contains Microsoft updates & Third-Party updates in accordance
with Verint's policy on supporting Microsoft Operating Systems, Service Packs, Security
Bulletins and Security updates.
For information on Verint's policy, see Verint's Microsoft and Third-Party Support Policy
document.

Scope and Intended Audience


This bulletin is intended for Verint customers and provides support for all Verint products:
NOTE
The Microsoft updates certification is also relevant for all Impact360 versions (11, 10,
7.8, etc.).
All JRE/Apache/Apache HTTP server updates are relevant only for Impact360 V11 and cannot be
installed on legacy versions.

Verint's Policy Regarding Updates

This certification report is cumulative and reflects Verint's Third-Party certification
policy.
Verint's recommendation policy includes the following levels of recommendation:

Updates Recommended

Updates Not Recommended

Non Approved Security Updates

Updates Recommended
Verint provides recommendations for the following Third-Party product updates, which are
used by the Verint products:

Microsoft Security Updates & Windows Updates

JRE

Apache Tomcat

Apache HTTP Server

Updates Not Recommended


Verint does not provide recommendations for the following types of updates:

Microsoft Service Packs that are not part of Verint's supported products

Microsoft Security Updates that are not part of Verint's supported products

It is Verint's recommendation that customers DO NOT install these types of updates, but
rather wait for the relevant Microsoft Service Packs that roll up all the non-critical updates.
Should the customer choose to apply any of these updates as per their own IT policy, the
customer must contact Verint Systems Technical Support.

Non Approved Security Updates


Verint provides instructions not to install specific fixes for the above Third-Party products.
These fixes are not compatible with Verint products or Windows products and must
therefore not be implemented. Once installed on Impact 360 environments, these Updates
were found to be damaging.
Should the customer choose to apply any of these updates as per their own IT policy,
the customer must contact Verint Systems Technical Support.

Verint Guidance on Security Updates


Verint Guidance is provided on the following requirements and updates:

Post-Installation Requirements

Security Updates Recommended - Microsoft

Windows Updates Recommended - Microsoft

Apache HTTP Server for Cognos

Non Approved Security Updates

Post-Installation Requirements
This section presents third-party updates that may cause malfunctions in Impact 360
systems, together with the steps that should be taken to overcome these issues.

KB2661254 - Verify Certificate Key Length in SSL Enabled Systems

Microsoft released Windows update 2661254, which restricts the use of certificates with RSA
keys less than 1024 bits in length. (This update has become a Windows critical update and is
installed on all servers that use the WSUS server and are configured to install critical
updates.)
To resolve the issue, a new RSA certificate with a key of 1024 bits or higher must be created
and configured in the system.
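
One way to find the certificates that this update affects, as an added example that is not part of the Verint report: the PowerShell function below lists certificates in the local machine stores whose RSA public key is shorter than 1024 bits. The function name and the choice of stores are assumptions made for illustration.

```powershell
# Added example (not Verint or Microsoft code).
# Reports certificates whose RSA public key is shorter than a minimum length.
# Works on PowerShell 2.0 and later; run it on the server being checked.

function Get-ShortRsaCertificate {
    param(
        # Update 2661254 restricts RSA keys shorter than 1024 bits.
        [int]$MinimumBits = 1024,

        # Assumption: personal, intermediate CA and root stores are the ones
        # of interest, so that issuing certificates are checked as well.
        [string[]]$StorePath = @(
            'Cert:\LocalMachine\My',
            'Cert:\LocalMachine\CA',
            'Cert:\LocalMachine\Root'
        )
    )

    $rsaOid = '1.2.840.113549.1.1.1'   # OID for rsaEncryption

    foreach ($path in $StorePath) {
        if (-not (Test-Path -Path $path)) { continue }

        foreach ($cert in Get-ChildItem -Path $path) {
            # Skip non-RSA keys (for example ECDSA); the restriction is on RSA.
            if ($cert.PublicKey.Oid.Value -ne $rsaOid) { continue }

            $bits = $cert.PublicKey.Key.KeySize
            if ($bits -lt $MinimumBits) {
                New-Object PSObject -Property @{
                    Store         = $path
                    KeyBits       = $bits
                    NotAfter      = $cert.NotAfter
                    HasPrivateKey = $cert.HasPrivateKey
                    Thumbprint    = $cert.Thumbprint
                    Subject       = $cert.Subject
                }
            }
        }
    }
}

# Print one row per short-key certificate; no output means none were found.
Get-ShortRsaCertificate |
    Sort-Object Store, KeyBits |
    Format-Table Store, KeyBits, NotAfter, HasPrivateKey, Thumbprint, Subject -AutoSize
```

Any row with HasPrivateKey set to True in the personal store is a certificate the server itself presents and is the one to replace; pass -MinimumBits with a larger value to audit against a stricter internal policy.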

JRE & Apache Tomcat Updates


Desktop Policy
Updating desktops is the customer's responsibility. However, Verint certifies its desktop
software against the latest available 3rd party software updates on a monthly basis. The
recommended version is the latest version that was certified by Verint. Verint does not
supply the installation package for 3rd party updates on desktops.

Recommended Desktop Version Updates
Version            Published Date
JRE 7 Update 51    December 2013

Important Notice
This client version is supported only if the following is done:
For WFM:
On Application Server: Set non Static JRE Versioning in System Management General
Settings.
On Client Browser (if the I360 version is lower than 11.1.1.1929):
Click Run to allow "application will run with unrestricted access" (the prompt can be
suppressed so that it is shown only once by checking "Do Not show this again for apps from
the publisher").
Add the AppServer and port number to the Exception Site List in the Java Control Panel
Security tab of each client machine, or via file:

http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/exception_site_list.html

For Data Analytics Instance Builder & Storage Manager Rule Editor:

For V11.1 SP1: Install KB115932

For V11.1 SP0: Install KB112620

For V11.0 SP1: Install KB107127

For U10 (all versions): Install U100_8826

After the KB installation, the following window is shown when trying to open Data
Analytics Instance Builder or Storage Manager Rule Editor. Make sure you check "I accept"
and click Run.

A second window will be empty. Click Close and you will then be able to open the applications
properly.

Server Policy
Updating desktops is the customer's responsibility. However, Verint certifies its server
software against the latest available 3rd party software version on a monthly basis. As
opposed to desktops, the software updates used are only the ones supplied by Verint.
Do not use other packages from the 3rd party software vendors.
A tool which automates the updates of the JRE version and the Apache Tomcat can be
downloaded from GURU.
The JRE & Apache version update tool is provided in two formats:
A standalone installation tool.
Included in the HFR kit.
NOTE
The third party update tool is provided on a monthly basis, effective December 2012.
The update tool will also be included in future V11 kits that are due to be published
effective January 2013.

Latest Certified Updates for Impact360 & KMS Servers

Version                 Published Date
JRE 6 Update 71         December 2013
Apache Tomcat 6.0.37    May 2012

Installation Steps for JRE & Apache Tomcat updates on Impact360 Servers:
1. From the Latest Hotfix section in Guru, download the Hotfix Deploy Tool.zip.
NOTE
If you have downloaded the Hotfix Deploy Tool.zip in the past, you do not need to download
it again.
2. Unzip the Deploy tool on any computer that has a network connection to the system.
3. Download the JavaUpgrade.exe from one of the following links and click Open:
a. For Verint Internal users, please use this link
b. For Online users, please use this link

This file holds the updated JRE and Tomcat versions as mentioned below.
4. Copy JavaUpgrade.exe to the same folder to which the Deploy tool has been extracted.
5. Double click on the Hotfix Deploy Tool.exe.
6. Double click on the JavaUpgrade.exe.
7. Double click on Setup.exe and click Next when prompted, until the task is completed.
There is an option to use the deploy tool to install on multiple servers. For further
instructions, please see the Hotfix Deploy Tool User Guide, which is located in the same
location where the tool was downloaded from.

Installation Steps for JRE & Apache Tomcat updates on KMS Servers:
For Verint Internal users, please use this link and click Open
For External users, please use this link and click Open

Apache HTTP Server for Cognos

Impact Version: V11.0 SP1 and V11.1 SP0
Apache Version: HTTP Server 2.0.64
Download Link: For Verint Internal users, please use this link. For External users, please use this link.

Impact Version: V11.1 SP1 HFR2 and higher
Apache Version: HTTP Server 2.2.25
Download Link: For Verint Internal users, please use this link. For External users, please use this link.

Non Approved Security Updates


The following Updates are not approved by Verint as they are not compatible with Verint
products or Windows products and must therefore not be implemented.
In addition, these Updates were found to be damaging if they are installed on Impact 360
environments.
Should the customer choose to apply any of these updates per their own IT policy, the customer
must contact Verint Systems Technical Support.

Product    Summary / Version    Severity & Impact    Published Date
N/A        N/A                  N/A                  N/A

Security Updates Recommended - Microsoft


Customers are recommended to apply the following Security Updates on Windows 2008
and Windows 2003 systems, which are supported by Microsoft Service Pack releases listed
in the Error! Reference source not found.:
March 2014

MS14-012 - Cumulative Security Update for Internet Explorer (2925418)
Maximum Severity Rating and Vulnerability Impact: Critical, Remote Code Execution
This security update resolves one publicly disclosed vulnerability and seventeen privately
reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code
execution if a user views a specially crafted webpage using Internet Explorer. An attacker who
successfully exploited these vulnerabilities could gain the same user rights as the current
user. Users whose accounts are configured to have fewer user rights on the system could be
less impacted than users who operate with administrative user rights.

MS14-013 - Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (2929961)
Maximum Severity Rating and Vulnerability Impact: Critical, Remote Code Execution
This security update resolves a privately reported vulnerability in Microsoft Windows. The
vulnerability could allow remote code execution if a user opens a specially crafted image
file. An attacker who successfully exploited this vulnerability could gain the same user
rights as the current user. Users whose accounts are configured to have fewer user rights on
the system could be less impacted than users who operate with administrative user rights.

MS14-015 - Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2930275)
Maximum Severity Rating and Vulnerability Impact: Important, Elevation of Privilege
This security update resolves one publicly disclosed vulnerability and one privately reported
vulnerability in Microsoft Windows. The more severe of these vulnerabilities could allow
elevation of privilege if an attacker logs on to the system and runs a specially crafted
application. An attacker must have valid logon credentials and be able to log on locally to
exploit these vulnerabilities.

MS14-016 - Vulnerability in Security Account Manager Remote (SAMR) Protocol Could Allow Security Feature Bypass (2934418)
Maximum Severity Rating and Vulnerability Impact: Important, Security Feature Bypass
This security update resolves one privately reported vulnerability in Microsoft Windows. The
vulnerability could allow security feature bypass if an attacker makes multiple attempts to
match passwords to a username.

February 2014

MS14-010 - Cumulative Security Update for Internet Explorer (2909921)
Maximum Severity Rating and Vulnerability Impact: Critical, Remote Code Execution
This security update resolves one publicly disclosed vulnerability and twenty-three privately
reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow
remote code execution if a user views a specially crafted webpage using Internet Explorer. An
attacker who successfully exploited the most severe of these vulnerabilities could gain the
same user rights as the current user. Users whose accounts are configured to have fewer user
rights on the system could be less impacted than users who operate with administrative user
rights.

MS14-011 - Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (2928390)
Maximum Severity Rating and Vulnerability Impact: Critical, Remote Code Execution
This security update resolves a privately reported vulnerability in the VBScript scripting
engine in Microsoft Windows. The vulnerability could allow remote code execution if a user
visited a specially crafted website. An attacker would have no way to force users to visit the
website. Instead, an attacker would have to convince users to take action, typically by
getting them to click a link in an email message or Instant Messenger message that takes users
to the attacker's website.

MS14-007 - Vulnerability in Direct2D Could Allow Remote Code Execution (2912390)
Maximum Severity Rating and Vulnerability Impact: Critical, Remote Code Execution
This security update resolves a privately reported vulnerability in Microsoft Windows. The
vulnerability could allow remote code execution if a user views a specially crafted webpage
using Internet Explorer. An attacker would have no way to force users to view specially
crafted content. Instead, an attacker would have to convince users to take action, typically
by getting them to click a link in an email message or in an Instant Messenger message that
takes users to an attacker's website, or by getting them to open an attachment sent through
email.

MS14-008 - Vulnerability in Microsoft Forefront Protection for Exchange Could Allow Remote Code Execution (2927022)
Maximum Severity Rating and Vulnerability Impact: Critical, Remote Code Execution
This security update resolves a privately reported vulnerability in Microsoft Forefront. The
vulnerability could allow remote code execution if a specially crafted email message is
scanned.

MS14-009 - Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2916607)
Maximum Severity Rating and Vulnerability Impact: Important, Elevation of Privilege
This security update resolves two publicly disclosed vulnerabilities and one privately
reported vulnerability in Microsoft .NET Framework. The most severe vulnerability could allow
elevation of privilege if a user visits a specially crafted website or a website containing
specially crafted web content. In all cases, however, an attacker would have no way to force
users to visit such websites. Instead, an attacker would have to convince users to visit the
compromised website, typically by getting them to click a link in an email message or in an
Instant Messenger message that takes them to the attacker's website.

MS14-005 - Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2916036)
Maximum Severity Rating and Vulnerability Impact: Important, Information Disclosure
This security update resolves a publicly disclosed vulnerability in Microsoft XML Core
Services included in Microsoft Windows. The vulnerability could allow information disclosure
if a user views a specially crafted webpage using Internet Explorer. An attacker would have no
way to force users to view specially crafted content. Instead, an attacker would have to
convince users to take action, typically by getting them to click a link in an email message
or in an Instant Messenger message that takes users to an attacker's website, or by getting
them to open an attachment sent through email.

MS14-006 - Vulnerability in IPv6 Could Allow Denial of Service (2904659)
Maximum Severity Rating and Vulnerability Impact: Important, Denial of Service
This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The
vulnerability could allow denial of service if an attacker sends a large number of specially
crafted IPv6 packets to an affected system. To exploit the vulnerability, an attacker's system
must belong to the same subnet as the target system.

January 2014

MS14-002 - Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2914368)
Maximum Severity Rating and Vulnerability Impact: Important, Elevation of Privilege
This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The
vulnerability could allow elevation of privilege if an attacker logs on to a system and runs a
specially crafted application. An attacker must have valid logon credentials and be able to
log on locally to exploit this vulnerability.

MS14-003 - Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2913602)
Maximum Severity Rating and Vulnerability Impact: Important, Elevation of Privilege
This security update resolves a privately reported vulnerability in Microsoft Windows. The
vulnerability could allow elevation of privilege if a user logs on to a system and runs a
specially crafted application. An attacker must have valid logon credentials and be able to
log on locally to exploit this vulnerability.

December 2013

MS13-096 - Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution (2908005)
Maximum Severity Rating and Vulnerability Impact: Critical, Remote Code Execution
This security update resolves a publicly disclosed vulnerability in Microsoft Windows,
Microsoft Office, and Microsoft Lync. The vulnerability could allow remote code execution if a
user views content that contains specially crafted TIFF files.

MS13-097 - Cumulative Security Update for Internet Explorer (2898785)
Maximum Severity Rating and Vulnerability Impact: Critical, Remote Code Execution
This security update resolves seven privately reported vulnerabilities in Internet Explorer.
The most severe vulnerabilities could allow remote code execution if a user views a specially
crafted webpage using Internet Explorer. An attacker who successfully exploited the most
severe of these vulnerabilities could gain the same user rights as the current user. Users
whose accounts are configured to have fewer user rights on the system could be less impacted
than users who operate with administrative user rights.

MS13-098 - Vulnerability in Windows Could Allow Remote Code Execution (2893294)
Maximum Severity Rating and Vulnerability Impact: Critical, Remote Code Execution
This security update resolves a privately reported vulnerability in Microsoft Windows. The
vulnerability could allow remote code execution if a user or application runs or installs a
specially crafted, signed portable executable (PE) file on an affected system.

MS13-099 - Vulnerability in Microsoft Scripting Runtime Object Library Could Allow Remote Code Execution (2909158)
Maximum Severity Rating and Vulnerability Impact: Critical, Remote Code Execution
This security update resolves a privately reported vulnerability in Microsoft Windows. The
vulnerability could allow remote code execution if an attacker convinces a user to visit a
specially crafted website or a website that hosts specially crafted content. An attacker who
successfully exploited this vulnerability could gain the same user rights as the local user.
Users whose accounts are configured to have fewer user rights on the system could be less
impacted than users who operate with administrative user rights.

MS13-101 - Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2880430)
Maximum Severity Rating and Vulnerability Impact: Important, Elevation of Privilege
This security update resolves five privately reported vulnerabilities in Microsoft Windows.
The more severe of these vulnerabilities could allow elevation of privilege if an attacker
logs on to a system and runs a specially crafted application. An attacker must have valid
logon credentials and be able to log on locally to exploit this vulnerability.

MS13-102 - Vulnerability in LRPC Client Could Allow Elevation of Privilege (2898715)
Maximum Severity Rating and Vulnerability Impact: Important, Elevation of Privilege
This security update resolves a privately reported vulnerability in Microsoft Windows. The
vulnerability could allow elevation of privilege if an attacker spoofs an LRPC server and
sends a specially crafted LPC port message to any LRPC client. An attacker who successfully
exploited the vulnerability could then install programs; view, change, or delete data; or
create new accounts with full administrator rights. An attacker must have valid logon
credentials and be able to log on locally to exploit this vulnerability.

November 2013

MS13-088 - Cumulative Security Update for Internet Explorer (2888505)
Maximum Severity Rating and Vulnerability Impact: Critical, Remote Code Execution
This security update resolves ten privately reported vulnerabilities in Internet Explorer. The
most severe vulnerabilities could allow remote code execution if a user views a specially
crafted webpage using Internet Explorer. An attacker who successfully exploited the most
severe of these vulnerabilities could gain the same user rights as the current user. Users
whose accounts are configured to have fewer user rights on the system could be less impacted
than users who operate with administrative user rights.

MS13-089 - Vulnerability in Windows Graphics Device Interface Could Allow Remote Code Execution (2876331)
Maximum Severity Rating and Vulnerability Impact: Critical, Remote Code Execution
This security update resolves a privately reported vulnerability in Microsoft Windows. The
vulnerability could allow remote code execution if a user views or opens a specially crafted
Windows Write file in WordPad. An attacker who successfully exploited this vulnerability could
gain the same user rights as the current user. Users whose accounts are configured to have
fewer user rights on the system could be less impacted than users who operate with
administrative user rights.

MS13-090 - Cumulative Security Update of ActiveX Kill Bits (2900986)
Maximum Severity Rating and Vulnerability Impact: Critical, Remote Code Execution
This security update resolves a privately reported vulnerability that is currently being
exploited. The vulnerability exists in the InformationCardSigninHelper Class ActiveX control.
The vulnerability could allow remote code execution if a user views a specially crafted
webpage with Internet Explorer, instantiating the ActiveX control. Users whose accounts are
configured to have fewer user rights on the system could be less impacted than users who
operate with administrative user rights.

MS13-092 - Vulnerability in Hyper-V Could Allow Elevation of Privilege (2893986)
Maximum Severity Rating and Vulnerability Impact: Important, Elevation of Privilege
This security update resolves a privately reported vulnerability in Microsoft Windows. The
vulnerability could allow elevation of privilege if an attacker passes a specially crafted
function parameter in a hypercall from an existing running virtual machine to the hypervisor.
The vulnerability could also allow denial of service for the Hyper-V host if the attacker
passes a specially crafted function parameter in a hypercall from an existing running virtual
machine to the hypervisor.

MS13-093 - Vulnerability in Windows Ancillary Function Driver Could Allow Information Disclosure (2875783)
Maximum Severity Rating and Vulnerability Impact: Important, Information Disclosure
This security update resolves a privately reported vulnerability in Microsoft Windows. The
vulnerability could allow information disclosure if an attacker logs on to an affected system
as a local user, and runs a specially crafted application on the system that is designed to
enable the attacker to obtain information from a higher-privileged account. An attacker must
have valid logon credentials and be able to log on locally to exploit this vulnerability.

MS13-095 - Vulnerability in Digital Signatures Could Allow Denial of Service (2868626)
Maximum Severity Rating and Vulnerability Impact: Important, Denial of Service
This security update resolves a privately reported vulnerability in Microsoft Windows. The
vulnerability could allow denial of service when an affected web service processes a specially
crafted X.509 certificate.

October 2013
Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity
Rating and
Vulnerability Impact

MS13-080

Cumulative Security Update for Internet Explorer


(2879017)

Critical
Remote Code Execution

This security update resolves one publicly disclosed


vulnerability and eight privately reported vulnerabilities in
Internet Explorer. The most severe vulnerabilities could
allow remote code execution if a user views a specially
crafted webpage using Internet Explorer. An attacker who
successfully exploited the most severe of these
vulnerabilities could gain the same user rights as the current
user. Users whose accounts are configured to have fewer
user rights on the system could be less impacted than users
who operate with administrative user rights.

MS13-081

Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2870008)

Critical
Remote Code Execution

This security update resolves seven privately reported
vulnerabilities in Microsoft Windows. The most severe of
these vulnerabilities could allow remote code execution if a
user views shared content that embeds OpenType or
TrueType font files. An attacker who successfully exploited
these vulnerabilities could take complete control of an
affected system.

MS13-082

Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2878890)

Critical
Remote Code Execution

This security update resolves two privately reported
vulnerabilities and one publicly disclosed vulnerability in
Microsoft .NET Framework. The most severe of the
vulnerabilities could allow remote code execution if a user
visits a website containing a specially crafted OpenType font
(OTF) file using a browser capable of instantiating XBAP
applications.

MS13-083

Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2864058)

Critical
Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow remote code execution if an attacker sends a specially
crafted web request to an ASP.NET web application running
on an affected system. An attacker could exploit this
vulnerability without authentication to run arbitrary code.

September 2013
Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity Rating and Vulnerability Impact

MS13-069

Cumulative Security Update for Internet Explorer (2870699)

Critical
Remote Code Execution

This security update resolves ten privately reported
vulnerabilities in Internet Explorer. The most severe
vulnerabilities could allow remote code execution if a
user views a specially crafted webpage using Internet
Explorer. An attacker who successfully exploited the
most severe of these vulnerabilities could gain the
same user rights as the current user. Users whose
accounts are configured to have fewer user rights on
the system could be less impacted than users who
operate with administrative user rights.

MS13-070

Vulnerability in OLE Could Allow Remote Code Execution (2876217)

Critical
Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow remote code execution if a user opens a
file that contains a specially crafted OLE object. An
attacker who successfully exploited this vulnerability
could gain the same user rights as the current user.
Users whose accounts are configured to have fewer
user rights on the system could be less impacted than
users who operate with administrative user rights.

MS13-071

Vulnerability in Windows Theme File Could Allow Remote Code Execution (2864063)

Important
Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow remote code execution if a user applies a
specially crafted Windows theme on their system. In
all cases, a user cannot be forced to open the file or
apply the theme; for an attack to be successful, a user
must be convinced to do so.

MS13-076

Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation of Privilege (2876315)

Important
Elevation of Privilege

This security update resolves seven privately reported
vulnerabilities in Microsoft Windows. The vulnerabilities
could allow elevation of privilege if an attacker logs
onto the system and runs a specially crafted
application. An attacker must have valid logon
credentials and be able to log on locally to exploit
these vulnerabilities.

MS13-077

Vulnerability in Windows Service Control Manager Could Allow Elevation of Privilege (2872339)

Important
Elevation of Privilege

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow elevation of privilege if an attacker
convinces an authenticated user to execute a specially
crafted application. To exploit this vulnerability, an
attacker either must have valid logon credentials and
be able to log on locally or must convince a user to run
the attacker's specially crafted application.

MS13-079

Vulnerability in Active Directory Could Allow Denial of Service (2853587)

Important
Denial of Service

This security update resolves a privately reported
vulnerability in Active Directory. The vulnerability
could allow denial of service if an attacker sends a
specially crafted query to the Lightweight Directory
Access Protocol (LDAP) service.

August 2013
Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity Rating and Vulnerability Impact

MS13-059

Cumulative Security Update for Internet Explorer (2862772)

Critical
Remote Code Execution

This security update resolves eleven privately
reported vulnerabilities in Internet Explorer. The
most severe vulnerabilities could allow remote code
execution if a user views a specially crafted webpage
using Internet Explorer. An attacker who successfully
exploited the most severe of these vulnerabilities
could gain the same user rights as the current user.
Users whose accounts are configured to have fewer
user rights on the system could be less impacted
than users who operate with administrative user
rights.


MS13-060

Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution (2850869)

Critical
Remote Code Execution

This security update resolves a privately reported
vulnerability in the Unicode Scripts Processor
included in Microsoft Windows. The vulnerability
could allow remote code execution if a user viewed a
specially crafted document or webpage with an
application that supports embedded OpenType fonts.
An attacker who successfully exploited this
vulnerability could gain the same user rights as the
current user. Users whose accounts are configured to
have fewer user rights on the system could be less
impacted than users who operate with administrative
user rights.

MS13-062

Vulnerability in Remote Procedure Call Could Allow Elevation of Privilege (2849470)

Important
Elevation of Privilege

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow elevation of privilege if an attacker sends
a specially crafted RPC request.

MS13-063

Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2859537)

Important
Elevation of Privilege

This security update resolves one publicly disclosed
vulnerability and three privately reported
vulnerabilities in Microsoft Windows. The most
severe vulnerabilities could allow elevation of
privilege if an attacker logged on locally and ran a
specially crafted application. An attacker must have
valid logon credentials and be able to log on locally
to exploit these vulnerabilities. The vulnerabilities
could not be exploited remotely or by anonymous
users.

MS13-064

Vulnerability in Windows NAT Driver Could Allow Denial of Service (2849568)

Important
Denial of Service

This security update resolves a privately reported
vulnerability in the Windows NAT Driver in Microsoft
Windows. The vulnerability could allow denial of
service if an attacker sends a specially crafted ICMP
packet to a target server that is running the
Windows NAT Driver service.

MS13-065

Vulnerability in ICMPv6 could allow Denial of Service (2868623)

Important
Denial of Service

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow a denial of service if the attacker sends a
specially crafted ICMP packet to the target system.

MS13-066

Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (2873872)

Important
Information Disclosure

This security update resolves a privately reported
vulnerability in Active Directory Federation Services
(AD FS). The vulnerability could reveal information
pertaining to the service account used by AD FS. An
attacker could then attempt logons from outside the
corporate network, which would result in account
lockout of the service account used by AD FS if an
account lockout policy has been configured. This
would result in denial of service for all applications
relying on the AD FS instance.

July 2013
Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity
Rating and
Vulnerability Impact

MS13-052

Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution (2861561)

Critical
Remote Code Execution

This security update resolves five privately reported
vulnerabilities and two publicly disclosed
vulnerabilities in Microsoft .NET Framework and
Microsoft Silverlight. The most severe of these
vulnerabilities could allow remote code execution if a
trusted application uses a particular pattern of code.
An attacker who successfully exploited this
vulnerability could gain the same user rights as the
logged-on user. Users whose accounts are
configured to have fewer user rights on the system
could be less impacted than users who operate with
administrative user rights.

MS13-053

Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2850851)

Critical
Remote Code Execution

This security update resolves two publicly disclosed
and six privately reported vulnerabilities in Microsoft
Windows. The most severe vulnerability could allow
remote code execution if a user views shared content
that embeds TrueType font files. An attacker who
successfully exploited this vulnerability could take
complete control of an affected system.

MS13-054

Vulnerability in GDI+ Could Allow Remote Code Execution (2848295)

Critical
Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows, Microsoft Office,
Microsoft Lync, and Microsoft Visual Studio. The
vulnerability could allow remote code execution if a
user views shared content that embeds TrueType
font files.

MS13-055

Cumulative Security Update for Internet Explorer (2846071)

Critical
Remote Code Execution

This security update resolves seventeen privately
reported vulnerabilities in Internet Explorer. The
most severe vulnerabilities could allow remote code
execution if a user views a specially crafted webpage
using Internet Explorer. An attacker who successfully
exploited the most severe of these vulnerabilities
could gain the same user rights as the current user.
Users whose accounts are configured to have fewer
user rights on the system could be less impacted
than users who operate with administrative user
rights.

MS13-056

Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (2845187)

Critical
Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow remote code execution if a user opens a
specially crafted image file. An attacker who
successfully exploited this vulnerability could gain
the same user rights as the local user. Users whose
accounts are configured to have fewer user rights on
the system could be less impacted than users who
operate with administrative user rights.

MS13-057

Vulnerability in Windows Media Format Runtime Could Allow Remote Code Execution (2847883)

Critical
Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow remote code execution if a user opens a
specially crafted media file. An attacker who
successfully exploited this vulnerability could gain
the same user rights as the local user. Users whose
accounts are configured to have fewer user rights on
the system could be less impacted than users who
operate with administrative user rights.

MS13-058

Vulnerability in Windows Defender Could Allow Elevation of Privilege (2847927)

Important
Elevation of Privilege

This security update resolves a privately reported
vulnerability in Windows Defender for Windows 7 and
Windows Defender when installed on Windows
Server 2008 R2. The vulnerability could allow
elevation of privilege due to the pathnames used by
Windows Defender. An attacker who successfully
exploited this vulnerability could execute arbitrary
code and take complete control of an affected
system. The attacker could then install programs;
view, change, or delete data; or create new accounts
with full user rights. An attacker must have valid
logon credentials to exploit this vulnerability. The
vulnerability could not be exploited by anonymous
users.

June 2013
Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity
Rating and
Vulnerability Impact

MS13-047

Cumulative Security Update for Internet Explorer (2838727)

Critical
Remote Code Execution

This security update resolves nineteen privately
reported vulnerabilities in Internet Explorer. The most
severe vulnerabilities could allow remote code
execution if a user views a specially crafted webpage
using Internet Explorer. An attacker who successfully
exploited the most severe of these vulnerabilities
could gain the same user rights as the current user.
Users whose accounts are configured to have fewer
user rights on the system could be less impacted than
users who operate with administrative user rights.

MS13-048

Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229)

Important
Information Disclosure

This security update resolves one privately reported
vulnerability in Windows. The vulnerability could allow
information disclosure if an attacker logs on to a
system and runs a specially crafted application or
convinces a local, logged-in user to run a specially
crafted application. An attacker must have valid logon
credentials and be able to log on locally to exploit this
vulnerability. Note that this vulnerability would not
allow an attacker to execute code or to elevate their
user rights directly, but it could be used to produce
information that could be used to try to further
compromise an affected system.

MS13-049

Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (2845690)

Important
Denial of Service

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow denial of service if an attacker sends
specially crafted packets to the server. Firewall best
practices and standard default firewall configurations
can help protect networks from attacks that originate
outside the enterprise perimeter.

MS13-050

Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege (2839894)

Important
Elevation of privilege

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow elevation of privilege when an
authenticated attacker deletes a printer connection.
An attacker must have valid logon credentials and be
able to log on to exploit this vulnerability.

May 2013
Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity
Rating and
Vulnerability Impact

MS13-037

Cumulative Security Update for Internet Explorer (2829530)

Critical
Remote Code Execution

This security update resolves eleven privately
reported vulnerabilities in Internet Explorer. The most
severe vulnerabilities could allow remote code
execution if a user views a specially crafted webpage
using Internet Explorer. An attacker who successfully
exploited the most severe of these vulnerabilities
could gain the same user rights as the current user.
Users whose accounts are configured to have fewer
user rights on the system could be less impacted than
users who operate with administrative user rights.

MS13-038

Security Update for Internet Explorer (2847204)

Critical
Remote Code Execution

This security update resolves one publicly disclosed
vulnerability in Internet Explorer. The vulnerability
could allow remote code execution if a user views a
specially crafted webpage using Internet Explorer. An
attacker who successfully exploited this vulnerability
could gain the same user rights as the current user.
Users whose accounts are configured to have fewer
user rights on the system could be less impacted than
users who operate with administrative user rights.

MS13-039

Vulnerability in HTTP.sys Could Allow Denial of Service (2829254)

Important
Denial of Service

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow denial of service if an attacker sends a
specially crafted HTTP packet to an affected Windows
server or client.

MS13-040

Vulnerabilities in .NET Framework Could Allow Spoofing (2836440)

Important
Spoofing

This security update resolves one privately reported
vulnerability and one publicly disclosed vulnerability in
the .NET Framework. The more severe of the
vulnerabilities could allow spoofing if a .NET
application receives a specially crafted XML file. An
attacker who successfully exploited the vulnerabilities
could modify the contents of an XML file without
invalidating the file's signature and could gain access
to endpoint functions as if they were an authenticated
user.

MS13-046

Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege (2840221)

Important
Elevation of Privilege

This security update resolves three privately reported
vulnerabilities in Microsoft Windows. The
vulnerabilities could allow elevation of privilege if an
attacker logs on to the system and runs a specially
crafted application. An attacker must have valid logon
credentials and be able to log on locally to exploit
these vulnerabilities.

April 2013
Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity
Rating and
Vulnerability Impact

MS13-028

Cumulative Security Update for Internet Explorer (2817183)

Critical
Remote Code Execution

This security update resolves two privately reported
vulnerabilities in Internet Explorer. These
vulnerabilities could allow remote code execution if a
user views a specially crafted webpage using Internet
Explorer. An attacker who successfully exploited these
vulnerabilities could gain the same user rights as the
current user. Users whose accounts are configured to
have fewer user rights on the system could be less
impacted than users who operate with administrative
user rights.

MS13-029

Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2828223)

Critical
Remote Code Execution

This security update resolves a privately reported
vulnerability in Windows Remote Desktop Client. The
vulnerability could allow remote code execution if a
user views a specially crafted webpage. An attacker
who successfully exploited the vulnerability could gain
the same user rights as the current user. Users whose
accounts are configured to have fewer user rights on
the system could be less impacted than users who
operate with administrative user rights.

MS13-031

Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2813170)

Important
Elevation of Privilege

This security update resolves two privately reported
vulnerabilities in Microsoft Windows. The
vulnerabilities could allow elevation of privilege if an
attacker logs on to the system and runs a specially
crafted application. An attacker must have valid logon
credentials and be able to log on locally to exploit
these vulnerabilities.

MS13-032

Vulnerability in Active Directory Could Lead to Denial of Service (2830914)

Important
Denial of Service

This security update resolves a privately reported
vulnerability in Active Directory. The vulnerability
could allow denial of service if an attacker sends a
specially crafted query to the Lightweight Directory
Access Protocol (LDAP) service.

MS13-033

Vulnerability in Windows Client/Server Runtime Subsystem (CSRSS) Could Allow Elevation of Privilege (2820917)

Important
Elevation of Privilege

This security update resolves a privately reported
vulnerability in all supported editions of Windows XP,
Windows Vista, Windows Server 2003, and Windows
Server 2008. The vulnerability could allow elevation of
privilege if an attacker logs on to a system and runs a
specially crafted application. An attacker must have
valid logon credentials and be able to log on locally to
exploit this vulnerability.

MS13-036

Vulnerabilities in Kernel-Mode Driver Could Allow Elevation Of Privilege (2829996)

Important
Elevation of Privilege

This security update resolves three privately reported
vulnerabilities and one publicly disclosed vulnerability
in Microsoft Windows. The most severe of these
vulnerabilities could allow elevation of privilege if an
attacker logs on to the system and runs a specially
crafted application. An attacker must have valid logon
credentials and be able to log on locally to exploit the
most severe vulnerabilities.

March 2013

Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity
Rating and
Vulnerability Impact

MS13-021

Cumulative Security Update for Internet Explorer (2809289)

Critical
Remote Code Execution

This security update resolves eight privately reported
vulnerabilities and one publicly disclosed vulnerability
in Internet Explorer. The most severe vulnerabilities
could allow remote code execution if a user views a
specially crafted webpage using Internet Explorer. An
attacker who successfully exploited these
vulnerabilities could gain the same user rights as the
current user. Users whose accounts are configured to
have fewer user rights on the system could be less
impacted than users who operate with administrative
user rights.

MS13-027

Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege (2807986)

Important
Elevation of Privilege

This security update resolves three privately reported
vulnerabilities in Microsoft Windows. These
vulnerabilities could allow elevation of privilege if an
attacker gains access to a system.

February 2013

Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity
Rating and
Vulnerability Impact

MS13-009

Cumulative Security Update for Internet Explorer (2792100)

Critical
Remote Code Execution

This security update resolves thirteen privately
reported vulnerabilities in Internet Explorer. The most
severe vulnerabilities could allow remote code
execution if a user views a specially crafted webpage
using Internet Explorer. An attacker who successfully
exploited these vulnerabilities could gain the same
user rights as the current user. Users whose accounts
are configured to have fewer user rights on the
system could be less impacted than users who operate
with administrative user rights.

MS13-010

Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2797052)

Critical
Remote Code Execution

This security update resolves a privately reported
vulnerability in the Microsoft implementation of Vector
Markup Language (VML). The vulnerability could allow
remote code execution if a user viewed a specially
crafted webpage using Internet Explorer. Users whose
accounts are configured to have fewer user rights on
the system could be less impacted than users who
operate with administrative user rights.

MS13-011

Vulnerability in Media Decompression Could Allow Remote Code Execution (2780091)

Critical
Remote Code Execution

This security update resolves one publicly disclosed
vulnerability in Microsoft Windows. The vulnerability
could allow remote code execution if a user opens a
specially crafted media file (such as an .mpg file),
opens a Microsoft Office document (such as a .ppt file)
that contains a specially crafted embedded media file,
or receives specially crafted streaming content. An
attacker who successfully exploited this vulnerability
could gain the same user rights as the current user.
Users whose accounts are configured to have fewer
user rights on the system could be less impacted than
users who operate with administrative user rights.

MS13-020

Vulnerability in OLE Automation Could Allow Remote Code Execution (2802968)

Critical
Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows Object Linking and
Embedding (OLE) Automation. The vulnerability could
allow remote code execution if a user opens a
specially crafted file. An attacker who successfully
exploited the vulnerability could gain the same user
rights as the current user. Users whose accounts are
configured to have fewer user rights on the system
could be less impacted than users who operate with
administrative user rights.

MS13-014

Vulnerability in NFS Server Could Allow Denial of Service (2790978)

Important
Denial of Service

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow denial of service if an attacker attempts a
file operation on a read only share. An attacker who
exploited this vulnerability could cause the affected
system to stop responding and restart. The
vulnerability only affects Windows servers with the
NFS role enabled.

MS13-015

Vulnerability in .NET Framework Could Allow Elevation of Privilege (2800277)

Important
Elevation of Privilege

This security update resolves one privately reported
vulnerability in the .NET Framework. The vulnerability
could allow elevation of privilege if a user views a
specially crafted webpage using a web browser that
can run XAML Browser Applications (XBAPs). The
vulnerability could also be used by Windows .NET
applications to bypass Code Access Security (CAS)
restrictions. An attacker who successfully exploited
the vulnerability could gain the same user rights as
the current user. Users whose accounts are configured
to have fewer user rights on the system could be less
impacted than users who operate with administrative
user rights.


MS13-016

Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2778344)

Important
Elevation of Privilege

This security update resolves 30 privately reported
vulnerabilities in Microsoft Windows. The
vulnerabilities could allow elevation of privilege if an
attacker logs on to the system and runs a specially
crafted application. An attacker must have valid logon
credentials and be able to log on locally to exploit the
vulnerabilities.

MS13-017

Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2799494)

Important
Elevation of Privilege

This security update resolves three privately reported
vulnerabilities in all supported releases of Microsoft
Windows. The vulnerabilities could allow elevation of
privilege if an attacker logs on to the system and runs
a specially crafted application. An attacker must have
valid logon credentials and be able to log on locally to
exploit the vulnerabilities.

MS13-018

Vulnerability in TCP/IP Could Allow Denial of Service (2790655)

Important
Denial of Service

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow denial of service if an unauthenticated
attacker sends a specially crafted connection
termination packet to the server.

MS13-019

Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege (2790113)

Important
Elevation of Privilege

This security update resolves a publicly disclosed
vulnerability in Microsoft Windows. The vulnerability
could allow elevation of privilege if an attacker logs on
to a system and runs a specially crafted application.
An attacker must have valid logon credentials and be
able to log on locally to exploit this vulnerability.


January 2013

Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity
Rating and
Vulnerability Impact

MS13-008

Security Update for Internet Explorer (2799329)
This security update resolves one publicly disclosed
vulnerability in Internet Explorer. The vulnerability
could allow remote code execution if a user views a
specially crafted webpage using Internet Explorer. An
attacker who successfully exploited this vulnerability
could gain the same user rights as the current user.
Users whose accounts are configured to have fewer
user rights on the system could be less impacted than
users who operate with administrative user rights.

Critical
Remote Code Execution

MS13-001

Vulnerability in Windows Print Spooler Components Could Allow Remote Code Execution (2769369)
This security update resolves one privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow remote code execution if a print server
received a specially crafted print job. Firewall best
practices and standard default firewall configurations
can help protect networks from attacks that originate
outside the enterprise perimeter. Best practices
recommend that systems connected directly to the
Internet have a minimal number of ports exposed.

Critical
Remote Code Execution

MS13-002

Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (2756145)
This security update resolves two privately reported
vulnerabilities in Microsoft XML Core Services. The
vulnerabilities could allow remote code execution if a
user views a specially crafted webpage using Internet
Explorer. An attacker would have no way to force
users to visit such a website. Instead, an attacker
would have to convince users to visit the website,
typically by getting them to click a link in an email
message or Instant Messenger message that takes the
user to the attacker's website.

Critical
Remote Code Execution

MS13-004

Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2769324)
This security update resolves four privately reported
vulnerabilities in the .NET Framework. The most
severe of these vulnerabilities could allow elevation of
privilege if a user views a specially crafted webpage
using a web browser that can run XAML Browser
Applications (XBAPs). The vulnerabilities could also be
used by Windows .NET applications to bypass Code
Access Security (CAS) restrictions. An attacker who
successfully exploited these vulnerabilities could gain
the same user rights as the logged-on user. Users
whose accounts are configured to have fewer user
rights on the system could be less impacted than
users who operate with administrative user rights.

Important
Elevation of Privilege

MS13-005

Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2778930)
This security update resolves one privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow elevation of privilege if an attacker runs a
specially crafted application.

Important
Elevation of Privilege

MS13-006

Vulnerability in Microsoft Windows Could Allow Security Feature Bypass (2785220)
This security update resolves a privately reported
vulnerability in the implementation of SSL and TLS in
Microsoft Windows. The vulnerability could allow
security feature bypass if an attacker intercepts
encrypted web traffic handshakes.

Important
Security Feature Bypass

MS13-007

Vulnerability in Open Data Protocol Could Allow Denial of Service (2769327)
This security update resolves a privately reported
vulnerability in the Open Data (OData) protocol. The
vulnerability could allow denial of service if an
unauthenticated attacker sends specially crafted HTTP
requests to an affected site. Firewall best practices
and standard default firewall configurations can help
protect networks from attacks that originate outside
the enterprise perimeter. Best practices recommend
that systems that are connected to the Internet have
a minimal number of ports exposed.

Important
Denial of Service

December 2012

Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity
Rating and
Vulnerability Impact

MS12-077

Cumulative Security Update for Internet Explorer (2761465)
This security update resolves three privately reported
vulnerabilities in Internet Explorer. The most severe
vulnerabilities could allow remote code execution if a
user views a specially crafted webpage using Internet
Explorer. An attacker who successfully exploited these
vulnerabilities could gain the same user rights as the
current user. Users whose accounts are configured to
have fewer user rights on the system could be less
impacted than users who operate with administrative
user rights.

Critical
Remote Code Execution

MS12-078

Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2783534)
This security update resolves one publicly disclosed
vulnerability and one privately reported vulnerability
in Microsoft Windows. The more severe of these
vulnerabilities could allow remote code execution if a
user opens a specially crafted document or visits a
malicious webpage that embeds TrueType or
OpenType font files. An attacker would have to
convince users to visit the website, typically by getting
them to click a link in an email message that takes
them to the attacker's website.

Critical
Remote Code Execution

MS12-081

Vulnerability in Windows File Handling Component Could Allow Remote Code Execution (2758857)
This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow remote code execution if a user browses
to a folder that contains a file or subfolder with a
specially crafted name. An attacker who successfully
exploited this vulnerability could gain the same user
rights as the current user. Users whose accounts are
configured to have fewer user rights on the system
could be less impacted than users who operate with
administrative user rights.

Critical
Remote Code Execution

MS12-082

Vulnerability in DirectPlay Could Allow Remote Code Execution (2770660)
This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow remote code execution if an attacker
convinces a user to view a specially crafted Office
document with embedded content. An attacker who
successfully exploits this vulnerability could gain the
same user rights as the current user. Users whose
accounts are configured to have fewer user rights on
the system could be less impacted than users who
operate with administrative user rights.

Important
Remote Code Execution

MS12-083

Vulnerability in IP-HTTPS Component Could Allow Security Feature Bypass (2765809)
This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow security feature bypass if an attacker
presents a revoked certificate to an IP-HTTPS server
commonly used in Microsoft DirectAccess
deployments. To exploit the vulnerability, an attacker
must use a certificate issued from the domain for
IP-HTTPS server authentication. Logging on to a system
inside the organization would still require system or
domain credentials.

Important
Security Feature Bypass

November 2012

Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity
Rating and
Vulnerability Impact

MS12-071

Cumulative Security Update for Internet Explorer (2761451)
This security update resolves three privately reported
vulnerabilities in Internet Explorer. The vulnerabilities
could allow remote code execution if a user views a
specially crafted webpage using Internet Explorer. An
attacker who successfully exploited these
vulnerabilities could gain the same user rights as the
current user. Users whose accounts are configured to
have fewer user rights on the system could be less
impacted than users who operate with administrative
user rights.

Critical
Remote Code Execution

MS12-072

Vulnerabilities in Windows Shell Could Allow Remote Code Execution (2727528)
This security update resolves two privately reported
vulnerabilities in Microsoft Windows. The
vulnerabilities could allow remote code execution if a
user browses to a specially crafted briefcase in
Windows Explorer. An attacker who successfully
exploited this vulnerability could run arbitrary code as
the current user. If the current user is logged on with
administrative user rights, an attacker could take
complete control of the affected system. An attacker
could then install programs; view, change, or delete
data; or create new accounts with full user rights.
Users whose accounts are configured to have fewer
user rights on the system could be less impacted than
users who operate with administrative user rights.

Critical
Remote Code Execution

MS12-074

Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2745030)
This security update resolves five privately reported
vulnerabilities in the .NET Framework. The most
severe of these vulnerabilities could allow remote code
execution if an attacker convinces the user of a target
system to use a malicious proxy auto configuration file
and then injects code into the currently running
application.

Critical
Remote Code Execution

MS12-075

Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2761226)
This security update resolves three privately reported
vulnerabilities in Microsoft Windows. The most severe
of these vulnerabilities could allow remote code
execution if a user opens a specially crafted document
or visits a malicious webpage that embeds TrueType
font files. An attacker would have to convince users to
visit the website, typically by getting them to click a
link in an email message that takes them to the
attacker's website.

Critical
Remote Code Execution

MS12-073

Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Information Disclosure (2733829)
This security update resolves one publicly disclosed
vulnerability and one privately reported vulnerability
in Microsoft Internet Information Services (IIS). The
more severe vulnerability could allow information
disclosure if an attacker sends specially crafted FTP
commands to the server.

Moderate
Information Disclosure

October 2012

Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity
Rating and
Vulnerability Impact

MS12-068

Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2724197)

Important
Elevation of Privilege

This security update resolves a privately reported
vulnerability in all supported releases of Microsoft
Windows except Windows 8 and Windows Server
2012. This security update is rated Important for all
supported editions of Windows XP, Windows Server
2003, Windows Vista, Windows Server 2008, Windows
7, and Windows Server 2008 R2.
The vulnerability could allow elevation of privilege if
an attacker logs on to the system and runs a specially
crafted application. An attacker must have valid logon
credentials and be able to log on locally to exploit this
vulnerability.

MS12-069

Vulnerability in Kerberos Could Allow Denial of Service (2743555)

Important
Denial of Service

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow denial of service if a remote attacker
sends a specially crafted session request to the
Kerberos server. Firewall best practices and standard
default firewall configurations can help protect
networks from attacks that originate outside the
enterprise perimeter. Best practices recommend that
systems that are connected to the Internet have a
minimal number of ports exposed.

MS12-070

Vulnerability in SQL Server Could Allow Elevation of Privilege (2754849)

Important
Elevation of Privilege

This security update resolves a privately reported
vulnerability in Microsoft SQL Server on systems
running SQL Server Reporting Services (SSRS). The
vulnerability is a cross-site-scripting (XSS)
vulnerability that could allow elevation of privilege,
enabling an attacker to execute arbitrary commands
on the SSRS site in the context of the targeted user.
An attacker could exploit this vulnerability by sending
a specially crafted link to the user and convincing the
user to click the link. An attacker could also host a
website that contains a webpage designed to exploit
the vulnerability. In addition, compromised websites
and websites that accept or host user-provided
content or advertisements could contain specially
crafted content that could exploit this vulnerability.

September 2012

Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity
Rating and
Vulnerability Impact

MS12-061

Vulnerability in Visual Studio Team Foundation Server Could Allow Elevation of Privilege (2719584)

Important
Elevation of Privilege

This security update resolves a privately reported
vulnerability in Visual Studio Team Foundation Server.
The vulnerability could allow elevation of privilege if a
user clicks a specially crafted link in an email message
or browses to a webpage that is used to exploit the
vulnerability. In all cases, however, an attacker would
have no way to force users to perform these actions.
Instead, an attacker would have to convince users to
visit a website, typically by getting them to click a link
in an email message or Instant Messenger message
that takes them to the attacker's website.

MS12-063

Cumulative Security Update for Internet Explorer (2744842)

Critical
Remote Code Execution

This security update resolves one publicly disclosed
and four privately reported vulnerabilities in Internet
Explorer. The most severe vulnerabilities could allow
remote code execution if a user views a specially
crafted webpage using Internet Explorer. An attacker
who successfully exploited any of these vulnerabilities
could gain the same user rights as the current user.
Users whose accounts are configured to have fewer
user rights on the system could be less impacted than
users who operate with administrative user rights.

August 2012

Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity Rating
and Vulnerability Impact

MS12-052

Cumulative Security Update for Internet Explorer (2722913)

Critical
Remote Code Execution

This security update resolves four privately reported
vulnerabilities in Internet Explorer. The most severe
vulnerabilities could allow remote code execution if a
user views a specially crafted webpage using Internet
Explorer. An attacker who successfully exploited any
of these vulnerabilities could gain the same user
rights as the current user. Users whose accounts are
configured to have fewer user rights on the system
could be less impacted than users who operate with
administrative user rights.

MS12-054

Vulnerabilities in Windows Networking Components Could Allow Remote Code Execution (2733594)

Critical
Remote Code Execution

This security update resolves four privately reported
vulnerabilities in Microsoft Windows. The most severe
of these vulnerabilities could allow remote code
execution if an attacker sends a specially crafted
response to a Windows print spooler request. Firewall
best practices and standard default firewall
configurations can help protect networks from attacks
that originate outside the enterprise perimeter. Best
practices recommend that systems connected directly
to the Internet have a minimal number of ports
exposed.

MS12-060

Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2720573)

Critical
Remote Code Execution

This security update resolves a privately reported
vulnerability in Windows common controls. The
vulnerability could allow remote code execution if a
user visits a website containing specially crafted
content designed to exploit the vulnerability. In all
cases, however, an attacker would have no way to
force users to visit such a website. Instead, an
attacker would have to convince users to visit the
website, typically by getting them to click a link in an
email message or Instant Messenger message that
takes them to the attacker's website. The malicious
file could be sent as an email attachment as well, but
the attacker would have to convince the user to open
the attachment in order to exploit the vulnerability.

MS12-055

Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2731847)

Important
Elevation of Privilege

This security update resolves one privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow elevation of privilege if an attacker logs on
to the system and runs a specially crafted application.
An attacker must have valid logon credentials and be
able to log on locally to exploit this vulnerability.

MS12-056

Vulnerability in JScript and VBScript Engines Could Allow Remote Code Execution (2706045)

Important
Remote Code Execution

This security update resolves a privately reported
vulnerability in the JScript and VBScript scripting
engines on 64-bit versions of Microsoft Windows. The
vulnerability could allow remote code execution if a
user visited a specially crafted website. An attacker
would have no way to force users to visit the website.
Instead, an attacker would have to convince users to
visit the website, typically by getting them to click a
link in an email message or Instant Messenger
message that takes users to the attacker's website.

July 2012

Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity Rating
and Vulnerability Impact

MS12-043

Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2722479)

Critical
Remote Code Execution

This security update resolves a publicly disclosed
vulnerability in Microsoft XML Core Services. The
vulnerability could allow remote code execution, if a
user views a specially crafted webpage using Internet
Explorer. An attacker would have no way to force
users to visit such a website. Instead, an attacker
would have to convince users to visit the website,
typically by getting them to click a link in an email
message or Instant Messenger message that takes
the user to the attacker's website.

MS12-044

Cumulative Security Update for Internet Explorer (2719177)

Critical
Remote Code Execution

This security update resolves two privately reported
vulnerabilities in Internet Explorer. The vulnerabilities
could allow remote code execution if a user views a
specially crafted webpage using Internet Explorer. An
attacker who successfully exploited any of these
vulnerabilities could gain the same user rights as the
current user. Users whose accounts are configured to
have fewer user rights on the system could be less
impacted than users who operate with administrative
user rights.

MS12-045

Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (2698365)

Critical
Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow remote code execution if a user views a
specially crafted webpage. An attacker who
successfully exploited this vulnerability could gain the
same user rights as the current user. Users whose
accounts are configured to have fewer user rights on
the system could be less impacted than users who
operate with administrative user rights.

MS12-047

Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2718523)

Important
Elevation of Privilege

This security update resolves one publicly disclosed
and one privately reported vulnerability in Microsoft
Windows. The vulnerabilities could allow elevation of
privilege if an attacker logs on to the system and runs
a specially crafted application. An attacker must have
valid logon credentials and be able to log on locally to
exploit this vulnerability.

MS12-048

Vulnerability in Windows Shell Could Allow Remote Code Execution (2691442)

Important
Remote Code Execution

This security update resolves one privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow remote code execution if a user opens a
file or directory with a specially crafted name. An
attacker who successfully exploited this vulnerability
could gain the same user rights as the current user.
Users whose accounts are configured to have fewer
user rights on the system could be less impacted than
users who operate with administrative user rights.

MS12-049

Vulnerability in TLS Could Allow Information Disclosure (2655992)

Important
Information Disclosure

This security update resolves a publicly disclosed
vulnerability in TLS. The vulnerability could allow
information disclosure if an attacker intercepts
encrypted web traffic served from an affected system.
All cipher suites that do not use CBC mode are not
affected.

June 2012

Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity Rating
and Vulnerability Impact

MS12-036

Vulnerability in Remote Desktop Could Allow Remote Code Execution (2685939)

Critical
Remote Code Execution

This security update resolves a privately reported
vulnerability in the Remote Desktop Protocol. The
vulnerability could allow remote code execution if an
attacker sends a sequence of specially crafted RDP
packets to an affected system. By default, the Remote
Desktop Protocol (RDP) is not enabled on any
Windows operating system. Systems that do not have
RDP enabled are not at risk.

MS12-037

Cumulative Security Update for Internet Explorer (2699988)

Critical
Remote Code Execution

This security update resolves one publicly disclosed
and twelve privately reported vulnerabilities in
Internet Explorer. The most severe vulnerabilities
could allow remote code execution if a user views a
specially crafted webpage using Internet Explorer. An
attacker who successfully exploited any of these
vulnerabilities could gain the same user rights as the
current user. Users whose accounts are configured to
have fewer user rights on the system could be less
impacted than users who operate with administrative
user rights.

MS12-038

Vulnerability in .NET Framework Could Allow Remote Code Execution (2706726)

Critical
Remote Code Execution

This security update resolves one privately reported
vulnerability in Microsoft .NET Framework. The
vulnerability could allow remote code execution on a
client system if a user views a specially crafted
webpage using a web browser that can run XAML
Browser Applications (XBAPs). Users whose accounts
are configured to have fewer user rights on the
system could be less impacted than users who
operate with administrative user rights. The
vulnerability could also be used by Windows .NET
applications to bypass Code Access Security (CAS)
restrictions. In a web browsing attack scenario, an
attacker could host a website that contains a webpage
that is used to exploit this vulnerability. In addition,
compromised websites and websites that accept or
host user-provided content or advertisements could
contain specially crafted content that could exploit
this vulnerability. In all cases, however, an attacker
would have no way to force users to visit these
websites. Instead, an attacker would have to convince
users to visit the website, typically by getting them to
click a link in an email message or Instant Messenger
message that takes users to the attacker's website.

MS12-041

Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2709162)

Important
Elevation of Privilege

This security update resolves five privately reported
vulnerabilities in Microsoft Windows. The
vulnerabilities could allow elevation of privilege if an
attacker logs on to a system and runs a specially
crafted application. An attacker must have valid logon
credentials and be able to log on locally to exploit any
of these vulnerabilities.

MS12-042

Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2711167)

Important
Elevation of Privilege

This security update resolves one privately reported
vulnerability and one publicly disclosed vulnerability in
Microsoft Windows. The vulnerabilities could allow
elevation of privilege if an attacker logs on to an
affected system and runs a specially crafted
application that exploits the vulnerability. An attacker
must have valid logon credentials and be able to log
on locally to exploit this vulnerability. The
vulnerability could not be exploited remotely or by
anonymous users.

May 2012

Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity Rating
and Vulnerability Impact

MS12-034

Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578)
This security update resolves three publicly disclosed
vulnerabilities and seven privately reported
vulnerabilities in Microsoft Office, Microsoft Windows,
the Microsoft .NET Framework, and Microsoft
Silverlight. The most severe of these vulnerabilities
could allow remote code execution if a user opens a
specially crafted document or visits a malicious
webpage that embeds TrueType font files. An attacker
would have no way to force users to visit a malicious
website. Instead, an attacker would have to convince
users to visit the website, typically by getting them to
click a link in an email message or Instant Messenger
message that takes them to the attacker's website.

Critical
Remote Code Execution

MS12-035

Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777)
This security update resolves two privately reported
vulnerabilities in the .NET Framework. The
vulnerabilities could allow remote code execution on a
client system if a user views a specially crafted
webpage using a web browser that can run XAML
Browser Applications (XBAPs). Users whose accounts
are configured to have fewer user rights on the
system could be less impacted than users who operate
with administrative user rights.

Critical
Remote Code Execution

MS12-032

Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338)
This security update resolves one privately reported
and one publicly disclosed vulnerability in Microsoft
Windows. The more severe of these vulnerabilities
could allow elevation of privilege if an attacker logs on
to a system and runs a specially crafted application.

Important
Elevation of Privilege

MS12-033

Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege (2690533)
This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability
could allow elevation of privilege if an attacker logs on
to a system and runs a specially crafted application.
An attacker must have valid logon credentials and be
able to log on locally to exploit this vulnerability.

Important
Elevation of Privilege

April 2012

Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity
Rating and
Vulnerability Impact

MS12-023

Cumulative Security Update for Internet Explorer (2675157)

Critical
Remote Code Execution

This security update resolves five privately reported
vulnerabilities in Internet Explorer. The most severe
vulnerabilities could allow remote code execution if a user
views a specially crafted webpage using Internet Explorer.
An attacker who successfully exploited any of these
vulnerabilities could gain the same user rights as the
current user. Users whose accounts are configured to
have fewer user rights on the system could be less
impacted than users who operate with administrative user
rights.

MS12-024

Vulnerability in Windows Could Allow Remote Code Execution (2653956)

Critical
Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow remote code execution if a user or application runs
or installs a specially crafted, signed portable executable
(PE) file on an affected system.

MS12-025

Vulnerability in .NET Framework Could Allow Remote
Code Execution (2671605)

Severity: Critical
Impact: Remote Code Execution

This security update resolves one privately reported
vulnerability in Microsoft .NET Framework. The
vulnerability could allow remote code execution on a client
system if a user views a specially crafted webpage using a
web browser that can run XAML Browser Applications
(XBAPs). Users whose accounts are configured to have
fewer user rights on the system could be less impacted
than users who operate with administrative user rights.
The vulnerability could also allow remote code execution
on a server system running IIS, if that server allows
processing ASP.NET pages and an attacker succeeds in
uploading a specially crafted ASP.NET page to that server
and then executes the page, as could be the case in a web
hosting scenario. This vulnerability could also be used by
Windows .NET applications to bypass Code Access Security
(CAS) restrictions. In a web browsing attack scenario, an
attacker could host a website that contains a webpage that
is used to exploit this vulnerability. In addition,
compromised websites and websites that accept or host
user-provided content or advertisements could contain
specially crafted content that could exploit this
vulnerability. In all cases, however, an attacker would
have no way to force users to visit these websites.
Instead, an attacker would have to convince users to visit
the website, typically by getting them to click a link in an
email message or Instant Messenger message that takes
users to the attacker's website.

MS12-027

Vulnerability in Windows Common Controls Could
Allow Remote Code Execution (2664258)

Severity: Critical
Impact: Remote Code Execution

This security update resolves a privately disclosed
vulnerability in Windows common controls. The
vulnerability could allow remote code execution if a user
visits a website containing specially crafted content
designed to exploit the vulnerability. In all cases, however,
an attacker would have no way to force users to visit such
a website. Instead, an attacker would have to convince
users to visit the website, typically by getting them to click
a link in an email message or Instant Messenger message
that takes them to the attacker's website. The malicious
file could be sent as an email attachment as well, but the
attacker would have to convince the user to open the
attachment in order to exploit the vulnerability.

March 2012

Bulletin ID
Bulletin Title and Executive Summary
Maximum Severity Rating and Vulnerability Impact

MS12-020

Vulnerabilities in Remote Desktop Could Allow
Remote Code Execution (2671387)

Severity: Critical
Impact: Remote Code Execution

This security update resolves two privately reported
vulnerabilities in the Remote Desktop Protocol. The more
severe of these vulnerabilities could allow remote code
execution if an attacker sends a sequence of specially
crafted RDP packets to an affected system. By default, the
Remote Desktop Protocol (RDP) is not enabled on any
Windows operating system. Systems that do not have
RDP enabled are not at risk.

MS12-017

Vulnerability in DNS Server Could Allow Denial of
Service (2647170)

Severity: Important
Impact: Denial of Service

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow denial of service if a remote unauthenticated
attacker sends a specially crafted DNS query to the target
DNS server.

MS12-018

Vulnerability in Windows Kernel-Mode Drivers Could
Allow Elevation of Privilege (2641653)

Severity: Important
Impact: Elevation

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow elevation of privilege if an attacker logs on to a
system and runs a specially crafted application. An
attacker must have valid logon credentials and be able to
log on locally to exploit this vulnerability.

MS12-019

Vulnerability in DirectWrite Could Allow Denial of
Service (2665364)

Severity: Moderate
Impact: Denial of

This security update resolves a publicly disclosed
vulnerability in Windows DirectWrite. In an Instant
Messenger-based attack scenario, the vulnerability could
allow denial of service if an attacker sends a specially
crafted sequence of Unicode characters directly to an
Instant Messenger client. The target application could
become unresponsive when DirectWrite renders the
specially crafted sequence of Unicode characters.

February 2012

Bulletin ID
Bulletin Title and Executive Summary
Maximum Severity Rating and Vulnerability Impact

MS12-008

Vulnerabilities in Windows Kernel-Mode Drivers
Could Allow Remote Code Execution (2660465)

Severity: Critical
Impact: Remote Code Execution

This security update resolves a privately reported
vulnerability and a publicly disclosed vulnerability in
Microsoft Windows. The more severe of these
vulnerabilities could allow remote code execution if a user
visits a website containing specially crafted content or if a
specially crafted application is run locally. An attacker
would have no way to force users to visit a malicious
website. Instead, an attacker would have to convince
users to visit the website, typically by getting them to
click a link in an email message or Instant Messenger
message that takes them to the attacker's website.

MS12-010

Cumulative Security Update for Internet Explorer
(2647516)

Severity: Critical
Impact: Remote Code Execution

This security update resolves four privately reported
vulnerabilities in Internet Explorer. The most severe
vulnerabilities could allow remote code execution if a user
views a specially crafted web page using Internet
Explorer. An attacker who successfully exploited any of
these vulnerabilities could gain the same user rights as
the logged-on user. Users whose accounts are configured
to have fewer user rights on the system could be less
impacted than users who operate with administrative user
rights.

MS12-013

Vulnerability in C Run-Time Library Could Allow
Remote Code Execution (2654428)

Severity: Critical
Impact: Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow remote code execution if a user opens a specially
crafted media file that is hosted on a website or sent as
an email attachment. An attacker who successfully
exploited the vulnerability could gain the same user rights
as the local user. Users whose accounts are configured to
have fewer user rights on the system could be less
impacted than users who operate with administrative user
rights.

MS12-016

Vulnerabilities in .NET Framework and Microsoft
Silverlight Could Allow Remote Code Execution
(2651026)

Severity: Critical
Impact: Remote Code Execution

This security update resolves one publicly disclosed
vulnerability and one privately reported vulnerability in
Microsoft .NET Framework and Microsoft Silverlight. The
vulnerabilities could allow remote code execution on a
client system if a user views a specially crafted web page
using a web browser that can run XAML Browser
Applications (XBAPs) or Silverlight applications. Users
whose accounts are configured to have fewer user rights
on the system could be less impacted than users who
operate with administrative user rights.

MS12-009

Vulnerabilities in Ancillary Function Driver Could
Allow Elevation of Privilege (2645640)

Severity: Important
Impact: Elevation of Privilege

This security update resolves two privately reported
vulnerabilities in Microsoft Windows. The vulnerabilities
could allow elevation of privilege if an attacker logs on to
a user's system and runs a specially crafted application.
An attacker must have valid logon credentials and be able
to log on locally to exploit the vulnerabilities.

MS12-012

Vulnerability in Color Control Panel Could Allow
Remote Code Execution (2643719)

Severity: Important
Impact: Remote Code Execution

This security update resolves one publicly disclosed
vulnerability in Microsoft Windows. The vulnerability could
allow remote code execution if a user opens a legitimate
file (such as an .icm or .icc file) that is located in the
same directory as a specially crafted dynamic link library
(DLL) file. An attacker who successfully exploited this
vulnerability could gain the same user rights as the
logged-on user. Users whose accounts are configured to
have fewer user rights on the system could be less
impacted than users who operate with administrative user
rights.

January 2012

Bulletin ID
Bulletin Title and Executive Summary
Severity & Impact

MS12-004

Vulnerabilities in Windows Media Could Allow
Remote Code Execution (2636391)

Severity: Critical
Impact: Remote Code Execution

This security update resolves two privately reported
vulnerabilities in Microsoft Windows. The vulnerabilities
could allow remote code execution if a user opens a
specially crafted media file. An attacker who successfully
exploited the vulnerabilities could gain the same user
rights as the local user. Users whose accounts are
configured to have fewer user rights on the system could
be less impacted than users who operate with
administrative user rights.

MS12-001

Vulnerability in Windows Kernel Could Allow Security
Feature Bypass (2644615)

Severity: Important
Impact: Security Feature Bypass

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow an attacker to bypass the SafeSEH security feature in
a software application. An attacker could then use other
vulnerabilities to leverage the structured exception handler
to run arbitrary code. Only software applications that were
compiled using Microsoft Visual C++ .NET 2003 can be
used to exploit this vulnerability.

MS12-002

Vulnerability in Windows Object Packager Could
Allow Remote Code Execution (2603381)

Severity: Important
Impact: Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow remote code execution if a user opens a legitimate
file with an embedded packaged object that is located in
the same network directory as a specially crafted
executable file. An attacker who successfully exploited this
vulnerability could gain the same user rights as the
logged-on user. An attacker could then install programs;
view, change, or delete data; or create new accounts with
full user rights. Users whose accounts are configured to
have fewer user rights on the system could be less
impacted than users who operate with administrative user
rights.

MS12-003

Vulnerability in Windows Client/Server Run-time
Subsystem Could Allow Elevation of Privilege
(2646524)

Severity: Important
Impact: Elevation of Privilege

This security update resolves one privately reported
vulnerability in Microsoft Windows. This security update is
rated Important for all supported editions of Windows XP,
Windows Server 2003, Windows Vista, and Windows
Server 2008. All supported editions of Windows 7 and
Windows Server 2008 R2 are not affected by this
vulnerability.
The vulnerability could allow elevation of privilege if an
attacker logs on to an affected system and runs a specially
crafted application. The attacker could then take complete
control of the affected system and install programs; view,
change, or delete data; or create new accounts with full
user rights. This vulnerability can only be exploited on
systems configured with a Chinese, Japanese, or Korean
system locale.

MS12-005

Vulnerability in Microsoft Windows Could Allow
Remote Code Execution (2584146)

Severity: Important
Impact: Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow remote code execution if a user opens a specially
crafted Microsoft Office file containing a malicious
embedded ClickOnce application. An attacker who
successfully exploited this vulnerability could gain the
same user rights as the local user. Users whose accounts
are configured to have fewer user rights on the system
could be less impacted than users who operate with
administrative user rights.

MS12-006

Vulnerability in SSL/TLS Could Allow Information
Disclosure (2643584)

Severity: Important
Impact: Information Disclosure

This security update resolves a publicly disclosed
vulnerability in SSL 3.0 and TLS 1.0. This vulnerability
affects the protocol itself and is not specific to the
Windows operating system. The vulnerability could allow
information disclosure if an attacker intercepts encrypted
web traffic served from an affected system. TLS 1.1, TLS
1.2, and all cipher suites that do not use CBC mode are
not affected.

December 2011

Bulletin ID
Bulletin Title and Executive Summary
Severity & Impact

MS11-087

Vulnerability in Windows Kernel-Mode Drivers Could
Allow Remote Code Execution (2639417)

Severity: Critical
Impact: Remote Code Execution

This security update resolves a publicly disclosed
vulnerability in Microsoft Windows. The vulnerability could
allow remote code execution if a user opens a specially
crafted document or visits a malicious Web page that
embeds TrueType font files.

MS11-090

Cumulative Security Update of ActiveX Kill Bits
(2618451)

Severity: Critical
Impact: Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft software. The vulnerability could
allow remote code execution if a user views a specially
crafted Web page that uses a specific binary behavior in
Internet Explorer. Users whose accounts are configured to
have fewer user rights on the system could be less
impacted than users who operate with administrative user
rights. This update also includes kill bits for four
third-party ActiveX controls.

MS11-092

Vulnerability in Windows Media Could Allow Remote
Code Execution (2648048)

Severity: Critical
Impact: Remote Code Execution

This security update resolves a privately reported
vulnerability in Windows Media Player and Windows Media
Center. The vulnerability could allow remote code
execution if a user opens a specially crafted Microsoft
Digital Video Recording (.dvr-ms) file. In all cases, a user
cannot be forced to open the file; for an attack to be
successful, a user must be convinced to do so.

MS11-093

Vulnerability in OLE Could Allow Remote Code
Execution (2624667)

Severity: Important
Impact: Remote Code Execution

This security update resolves a privately reported
vulnerability in all supported editions of Windows XP and
Windows Server 2003. This security update is rated
Important for all supported editions of Windows XP and
Windows Server 2003. Windows Vista, Windows Server
2008, Windows 7, and Windows Server 2008 R2 are not
affected by the vulnerability.
The vulnerability could allow remote code execution if a
user opens a file that contains a specially crafted OLE
object. An attacker who successfully exploited this
vulnerability could gain the same user rights as the local
user. Users whose accounts are configured to have fewer
user rights on the system could be less impacted than
users who operate with administrative user rights.

MS11-095

Vulnerability in Active Directory Could Allow Remote
Code Execution (2640045)

Severity: Important
Impact: Remote Code Execution

This security update resolves a privately reported
vulnerability in Active Directory, Active Directory
Application Mode (ADAM), and Active Directory Lightweight
Directory Service (AD LDS). The vulnerability could allow
remote code execution if an attacker logs on to an Active
Directory domain and runs a specially crafted application.
To exploit this vulnerability, an attacker would first need to
acquire credentials to log on to an Active Directory
domain.

MS11-097

Vulnerability in Windows Client/Server Run-time
Subsystem Could Allow Elevation of Privilege
(2620712)

Severity: Important
Impact: Elevation of Privilege

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow elevation of privilege if an attacker logs on to an
affected system and runs a specially crafted application
designed to send a device event message to a
higher-integrity process. An attacker must have valid logon
credentials and be able to log on locally to exploit this
vulnerability.

MS11-098

Vulnerability in Windows Kernel Could Allow
Elevation of Privilege (2633171)

Severity: Important
Impact: Elevation of Privilege

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow elevation of privilege if an attacker logs on to an
affected system and runs a specially crafted application
designed to exploit the vulnerability. An attacker must
have valid logon credentials and be able to log on locally to
exploit this vulnerability. The vulnerability could not be
exploited remotely or by anonymous users.

MS11-099

Cumulative Security Update for Internet Explorer
(2618444)

Severity: Important
Impact: Remote Code Execution

This security update resolves three privately reported
vulnerabilities in Internet Explorer. The most severe
vulnerability could allow remote code execution if a user
opens a legitimate HyperText Markup Language (HTML) file
that is located in the same directory as a specially crafted
dynamic link library (DLL) file.

MS11-100

Vulnerabilities in .NET Framework Could Allow
Elevation of Privilege (2638420)

Severity: Critical
Impact: Elevation of Privilege

This security update resolves one publicly disclosed
vulnerability and three privately reported vulnerabilities in
Microsoft .NET Framework. The most severe of these
vulnerabilities could allow elevation of privilege if an
unauthenticated attacker sends a specially crafted web
request to the target site. An attacker who successfully
exploited this vulnerability could take any action in the
context of an existing account on the ASP.NET site,
including executing arbitrary commands. In order to
exploit this vulnerability, an attacker must be able to
register an account on the ASP.NET site, and must know
an existing user name.

November 2011

Bulletin ID
Bulletin Title and Executive Summary
Severity & Impact

MS11-083

Vulnerability in TCP/IP Could Allow Remote Code
Execution (2588516)

Severity: Critical
Impact: Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow remote code execution if an attacker sends a
continuous flow of specially crafted UDP packets to a
closed port on a target system.

MS11-085

Vulnerability in Windows Mail and Windows Meeting
Space Could Allow Remote Code Execution
(2620704)

Severity: Important
Impact: Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow remote code execution if a user opens a legitimate
file (such as an .eml or .wcinv file) that is located in the
same network directory as a specially crafted dynamic link
library (DLL) file. Then, while opening the legitimate file,
Windows Mail or Windows Meeting Space could attempt to
load the DLL file and execute any code it contained. For an
attack to be successful, a user must visit an untrusted
remote file system location or WebDAV share and open a
legitimate file (such as an .eml or .wcinv file) from this
location that is then loaded by a vulnerable application.

MS11-086

Vulnerability in Active Directory Could Allow
Elevation of Privilege (2630837)

Severity: Important
Impact: Elevation of Privilege

This security update resolves a privately reported
vulnerability in Active Directory, Active Directory
Application Mode (ADAM), and Active Directory Lightweight
Directory Service (AD LDS). The vulnerability could allow
elevation of privilege if Active Directory is configured to
use LDAP over SSL (LDAPS) and an attacker acquires a
revoked certificate that is associated with a valid domain
account and then uses that revoked certificate to
authenticate to the Active Directory domain. By default,
Active Directory is not configured to use LDAP over SSL.

MS11-084

Vulnerability in Windows Kernel-Mode Drivers Could
Allow Denial of Service (2617657)

Severity: Moderate
Impact: Denial of Service

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow denial of service if a user opens a specially crafted
TrueType font file as an e-mail attachment or navigates to
a network share or WebDAV location containing a specially
crafted TrueType font file. For an attack to be successful, a
user must visit the untrusted remote file system location
or WebDAV share containing the specially crafted TrueType
font file, or open the file as an e-mail attachment. In all
cases, however, an attacker would have no way to force
users to perform these actions. Instead, an attacker would
have to persuade users to do so, typically by getting them
to click a link in an e-mail message or Instant Messenger
message.

October 2011

Bulletin ID
Summary
Severity & Impact

MS11-078

Vulnerability in .NET Framework and Microsoft
Silverlight Could Allow Remote Code Execution
(2604930)

Severity: Critical
Impact: Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft .NET Framework and Microsoft
Silverlight. The vulnerability could allow remote code
execution on a client system if a user views a specially
crafted Web page using a Web browser that can run XAML
Browser Applications (XBAPs) or Silverlight applications.
Users whose accounts are configured to have fewer user
rights on the system could be less impacted than users
who operate with administrative user rights. The
vulnerability could also allow remote code execution on a
server system running IIS, if that server allows processing
ASP.NET pages and an attacker succeeds in uploading a
specially crafted ASP.NET page to that server and then
executes the page, as could be the case in a Web hosting
scenario. This vulnerability could also be used by Windows
.NET applications to bypass Code Access Security (CAS)
restrictions.

MS11-081

Cumulative Security Update for Internet Explorer
(2586448)

Severity: Critical
Impact: Remote Code Execution

This security update resolves eight privately reported
vulnerabilities in Internet Explorer. The most severe
vulnerabilities could allow remote code execution if a user
views a specially crafted Web page using Internet Explorer.
An attacker who successfully exploited any of these
vulnerabilities could gain the same user rights as the local
user. Users whose accounts are configured to have fewer
user rights on the system could be less impacted than
users who operate with administrative user rights.

MS11-075

Vulnerability in Microsoft Active Accessibility Could
Allow Remote Code Execution (2623699)

Severity: Important
Impact: Remote Code Execution

This security update resolves a privately reported
vulnerability in the Microsoft Active Accessibility
component. The vulnerability could allow remote code
execution if an attacker convinces a user to open a
legitimate file that is located in the same network directory
as a specially crafted dynamic link library (DLL) file. Then,
while opening the legitimate file, the Microsoft Active
Accessibility component could attempt to load the DLL file
and execute any code it contained. For an attack to be
successful, a user must visit an untrusted remote file
system location or WebDAV share and open a document
from this location that is then loaded by a vulnerable
application.

MS11-076

Vulnerability in Windows Media Center Could Allow
Remote Code Execution (2604926)

Severity: Important
Impact: Remote Code Execution

This security update resolves a publicly disclosed
vulnerability in Windows Media Center. The vulnerability
could allow remote code execution if an attacker convinces
a user to open a legitimate file that is located in the same
network directory as a specially crafted dynamic link
library (DLL) file. Then, while opening the legitimate file,
Windows Media Center could attempt to load the DLL file
and execute any code it contained. For an attack to be
successful, a user must visit an untrusted remote file
system location or WebDAV share and open a legitimate
file.

MS11-077

Vulnerabilities in Windows Kernel-Mode Drivers
Could Allow Remote Code Execution (2567053)

Severity: Important
Impact: Remote Code Execution

This security update resolves four privately reported
vulnerabilities in Microsoft Windows. The most severe of
these vulnerabilities could allow remote code execution if a
user opens a specially crafted font file (such as a .fon file)
in a network share, a UNC or WebDAV location, or an
e-mail attachment. For a remote attack to be successful, a
user must visit an untrusted remote file system location or
WebDAV share and open the specially crafted font file, or
open the file as an e-mail attachment.

MS11-080

Vulnerability in Ancillary Function Driver Could Allow
Elevation of Privilege (2592799)

Severity: Important
Impact: Elevation of Privilege

This security update resolves a privately reported
vulnerability in the Microsoft Windows Ancillary Function
Driver (AFD). The vulnerability could allow elevation of
privilege if an attacker logs on to a user's system and runs
a specially crafted application. An attacker must have valid
logon credentials and be able to log on locally to exploit
the vulnerability.

September 2011

Bulletin ID
Summary
Severity & Impact

MS11-070

Vulnerability in WINS Could Allow Elevation of
Privilege (2571621)

Severity: Important
Impact: Elevation of Privilege

This security update resolves a privately reported
vulnerability in the Windows Internet Name Service
(WINS). The vulnerability could allow elevation of privilege
if a user received a specially crafted WINS replication
packet on an affected system running the WINS service.
An attacker must have valid logon credentials and be able
to log on locally to exploit this vulnerability.

MS11-071

Vulnerability in Windows Components Could Allow
Remote Code Execution (2570947)

Severity: Important
Impact: Remote Code Execution

This security update resolves a publicly disclosed
vulnerability in Microsoft Windows. The vulnerability could
allow remote code execution if a user opens a legitimate
rich text format file (.rtf), text file (.txt), or Word
document (.doc) that is located in the same network
directory as a specially crafted dynamic link library (DLL)
file. An attacker who successfully exploited this
vulnerability could gain the same user rights as the local
user. Users whose accounts are configured to have fewer
user rights on the system could be less impacted than
users who operate with administrative user rights.

August 2011

Bulletin ID
Summary
Severity & Impact

MS11-057

Cumulative Security Update for Internet Explorer
(2559049)

Severity: Critical
Impact: Remote Code Execution

This security update resolves five privately reported
vulnerabilities and two publicly disclosed vulnerabilities in
Internet Explorer. The most severe vulnerabilities could
allow remote code execution if a user views a specially
crafted Web page using Internet Explorer. An attacker who
successfully exploited any of these vulnerabilities could
gain the same user rights as the local user. Users whose
accounts are configured to have fewer user rights on the
system could be less impacted than users who operate with
administrative user rights.

MS11-058

Vulnerabilities in DNS Server Could Allow Remote
Code Execution (2562485)

Severity: Critical
Impact: Remote Code Execution

This security update resolves two privately reported
vulnerabilities in Windows DNS server. The more severe of
these vulnerabilities could allow remote code execution if
an attacker registers a domain, creates an NAPTR DNS
resource record, and then sends a specially crafted NAPTR
query to the target DNS server. Servers that do not have
the DNS role enabled are not at risk.

MS11-059

Vulnerability in Data Access Components Could Allow
Remote Code Execution (2560656)

Severity: Important
Impact: Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow remote code execution if a user opens a legitimate
Excel file (such as a .xlsx file) that is located in the same
network directory as a specially crafted library file. An
attacker who successfully exploited this vulnerability could
gain the same user rights as the logged-on user. Users
whose accounts are configured to have fewer user rights on
the system could be less impacted than users who operate
with administrative user rights.
Bulletin ID: MS11-061
Summary: Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege (2546250)
Severity & Impact: Important, Elevation of Privilege

This security update resolves a privately reported
vulnerability in Remote Desktop Web Access. The
vulnerability is a cross-site scripting (XSS) vulnerability
that could allow elevation of privilege, enabling an attacker
to execute arbitrary commands on the site in the context of
the target user. The XSS Filter in Internet Explorer 8 and
Internet Explorer 9 prevents this attack for its users when
browsing to a Remote Desktop Web Access server in the
Internet Zone. The XSS Filter in Internet Explorer 8 and
Internet Explorer 9 is not enabled by default in the Intranet
Zone.
Bulletin ID: MS11-062
Summary: Vulnerability in Remote Access Service NDISTAPI Driver Could Allow Elevation of Privilege (2566454)
Severity & Impact: Important, Elevation of Privilege

This security update resolves a privately reported
vulnerability in all supported editions of Windows XP and
Windows Server 2003. This security update is rated
Important for all supported editions of Windows XP and
Windows Server 2003. Windows Vista, Windows Server
2008, Windows 7, and Windows Server 2008 R2 are not
affected by the vulnerability.
The vulnerability could allow elevation of privilege if an
attacker logs on to an affected system and runs a specially
crafted application designed to exploit the vulnerability and
take complete control over the affected system. An
attacker must have valid logon credentials and be able to
log on locally to exploit this vulnerability.


Bulletin ID: MS11-063
Summary: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2567680)
Severity & Impact: Important, Elevation of Privilege

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow elevation of privilege if an attacker logs on to an
affected system and runs a specially crafted application
designed to send a device event message to a higher-integrity
process. An attacker must have valid logon
credentials and be able to log on locally to exploit this
vulnerability.
Bulletin ID: MS11-064
Summary: Vulnerabilities in TCP/IP Stack Could Allow Denial of Service (2563894)
Severity & Impact: Important, Denial of Service

This security update resolves two privately reported
vulnerabilities in Microsoft Windows. The vulnerabilities
could allow denial of service if an attacker sends a
sequence of specially crafted Internet Control Message
Protocol (ICMP) messages to a target system or sends a
specially crafted URL request to a server that is serving
Web content and has the URL-based Quality of Service
(QoS) feature enabled.
Bulletin ID: MS11-065
Summary: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (2570222)
Severity & Impact: Important, Denial of Service

This security update resolves a privately reported
vulnerability in the Remote Desktop Protocol. The
vulnerability could allow denial of service if an affected
system received a sequence of specially crafted RDP
packets. Microsoft has also received reports of limited,
targeted attacks attempting to exploit this vulnerability. By
default, the Remote Desktop Protocol (RDP) is not enabled
on any Windows operating system.
Bulletin ID: MS11-066
Summary: Vulnerability in Microsoft Chart Control Could Allow Information Disclosure (2567943)
Severity & Impact: Important, Information Disclosure

This security update resolves a privately reported
vulnerability in ASP.NET Chart controls. The vulnerability
could allow information disclosure if an attacker sent a
specially crafted GET request to an affected server hosting
the Chart controls. Note that this vulnerability would not
allow an attacker to execute code or to elevate the
attacker's user rights directly, but it could be used to
retrieve information that could be used to further
compromise the affected system. Only web applications
using Microsoft Chart Control are affected by this issue.
Default installations of the .NET Framework are not
affected.
Bulletin ID: MS11-068
Summary: Vulnerability in Windows Kernel Could Allow Denial of Service (2556532)
Severity & Impact: Moderate, Denial of Service

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow denial of service if a user visits a network share (or
visits a Web site that points to a network share) containing
a specially crafted file. In all cases, however, an attacker
would have no way to force a user to visit such a network
share or Web site. Instead, an attacker would have to
convince a user to do so, typically by getting the user to
click a link in an e-mail message or Instant Messenger
message.

July 2011
Bulletin ID: MS11-053
Summary: Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (2566220)
Severity & Impact: Critical, Remote Code Execution

This security update resolves a privately reported
vulnerability in the Windows Bluetooth Stack. The
vulnerability could allow remote code execution if an
attacker sent a series of specially crafted Bluetooth packets
to an affected system. An attacker could then install
programs; view, change, or delete data; or create new
accounts with full user rights. This vulnerability only affects
systems with Bluetooth capability.
Bulletin ID: MS11-054
Summary: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2555917)
Severity & Impact: Important, Elevation of Privilege

This security update resolves 15 privately reported
vulnerabilities in Microsoft Windows. The most severe of
these vulnerabilities could allow elevation of privilege if an
attacker logged on locally and ran a specially crafted
application. An attacker must have valid logon credentials
and be able to log on locally to exploit these vulnerabilities.
Bulletin ID: MS11-056
Summary: Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2507938)
Severity & Impact: Important, Elevation of Privilege

This security update resolves five privately reported
vulnerabilities in the Microsoft Windows Client/Server Run-time
Subsystem (CSRSS). The vulnerabilities could allow
elevation of privilege if an attacker logs on to a user's
system and runs a specially crafted application. An attacker
must have valid logon credentials and be able to log on
locally to exploit the vulnerabilities.

June 2011

Bulletin ID: MS11-038
Summary: Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490)
Severity & Impact: Critical, Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows Object Linking and
Embedding (OLE) Automation. The vulnerability could allow
remote code execution if a user visits a Web site containing
a specially crafted Windows Metafile (WMF) image. In all
cases, however, an attacker would have no way to force
users to visit such a Web site. Instead, an attacker would
have to convince users to visit a malicious Web site,
typically by getting them to click a link in an e-mail
message or Instant Messenger request.
Bulletin ID: MS11-039
Summary: Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2514842)
Severity & Impact: Critical, Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft .NET Framework and Microsoft
Silverlight. The vulnerability could allow remote code
execution on a client system if a user views a specially
crafted Web page using a Web browser that can run XAML
Browser Applications (XBAPs) or Silverlight applications.
Users whose accounts are configured to have fewer user
rights on the system could be less impacted than users who
operate with administrative user rights. The vulnerability
could also allow remote code execution on a server system
running IIS, if that server allows processing ASP.NET pages
and an attacker succeeds in uploading a specially crafted
ASP.NET page to that server and then executes the page,
as could be the case in a Web hosting scenario. This
vulnerability could also be used by Windows .NET
applications to bypass Code Access Security (CAS)
restrictions.
Bulletin ID: MS11-041
Summary: Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2525694)
Severity & Impact: Critical, Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow remote code execution if a user visits a network share
(or visits a web site that points to a network share)
containing a specially crafted OpenType font (OTF). In all
cases, however, an attacker would have no way to force a
user to visit such a web site or network share. Instead, an
attacker would have to convince a user to visit the web site
or network share, typically by getting them to click a link in
an e-mail message or Instant Messenger message.


Bulletin ID: MS11-042
Summary: Vulnerabilities in Distributed File System Could Allow Remote Code Execution (2535512)
Severity & Impact: Critical, Remote Code Execution

This security update resolves two privately reported
vulnerabilities in the Microsoft Distributed File System
(DFS). The more severe of these vulnerabilities could allow
remote code execution when an attacker sends a specially
crafted DFS response to a client-initiated DFS request. An
attacker who successfully exploited this vulnerability could
execute arbitrary code and take complete control of an
affected system. Firewall best practices and standard
default firewall configurations can help protect networks
from attacks that originate outside the enterprise
perimeter. Best practices recommend that systems that are
connected to the Internet have a minimal number of ports
exposed.
Bulletin ID: MS11-043
Summary: Vulnerability in SMB Client Could Allow Remote Code Execution (2536276)
Severity & Impact: Critical, Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow remote code execution if an attacker sent a specially
crafted SMB response to a client-initiated SMB request. To
exploit the vulnerability, an attacker must convince the user
to initiate an SMB connection to a specially crafted SMB
server.
Bulletin ID: MS11-044
Summary: Vulnerability in .NET Framework Could Allow Remote Code Execution (2538814)
Severity & Impact: Critical, Remote Code Execution

This security update resolves a publicly disclosed
vulnerability in Microsoft .NET Framework. The vulnerability
could allow remote code execution on a client system if a
user views a specially crafted Web page using a Web
browser that can run XAML Browser Applications (XBAPs).
Users whose accounts are configured to have fewer user
rights on the system could be less impacted than users who
operate with administrative user rights. The vulnerability
could also allow remote code execution on a server system
running IIS, if that server allows processing ASP.NET pages
and an attacker succeeds in uploading a specially crafted
ASP.NET page to that server and then executes the page,
as could be the case in a Web hosting scenario. This
vulnerability could also be used by Windows .NET
applications to bypass Code Access Security (CAS)
restrictions.
Bulletin ID: MS11-050
Summary: Cumulative Security Update for Internet Explorer (2530548)
Severity & Impact: Critical, Remote Code Execution

This security update resolves eleven privately reported
vulnerabilities in Internet Explorer. The most severe
vulnerabilities could allow remote code execution if a user
views a specially crafted Web page using Internet Explorer.
An attacker who successfully exploited any of these
vulnerabilities could gain the same user rights as the local
user. Users whose accounts are configured to have fewer
user rights on the system could be less impacted than users
who operate with administrative user rights.
Bulletin ID: MS11-052
Summary: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2544521)
Severity & Impact: Critical, Remote Code Execution

This security update resolves a privately reported
vulnerability in the Microsoft implementation of Vector
Markup Language (VML). This security update is rated
Critical for Internet Explorer 6, Internet Explorer 7, and
Internet Explorer 8 on Windows clients; and Moderate for
Internet Explorer 6, Internet Explorer 7, and Internet
Explorer 8 on Windows servers. Internet Explorer 9 is not
affected by the vulnerability.
The vulnerability could allow remote code execution if a
user viewed a specially crafted Web page using Internet
Explorer. Users whose accounts are configured to have
fewer user rights on the system could be less impacted
than users who operate with administrative user rights.
Bulletin ID: MS11-037
Summary: Vulnerability in MHTML Could Allow Information Disclosure (2544893)
Severity & Impact: Important, Information Disclosure

This security update resolves a publicly disclosed
vulnerability in the MHTML protocol handler in Microsoft
Windows. The vulnerability could allow information
disclosure if a user opens a specially crafted URL from an
attacker's Web site. An attacker would have to convince the
user to visit the Web site, typically by getting them to
follow a link in an e-mail message or Instant Messenger
message.
Bulletin ID: MS11-046
Summary: Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2503665)
Severity & Impact: Important, Elevation of Privilege

This security update resolves a publicly disclosed
vulnerability in the Microsoft Windows Ancillary Function
Driver (AFD). The vulnerability could allow elevation of
privilege if an attacker logs on to a user's system and runs
a specially crafted application. An attacker must have valid
logon credentials and be able to log on locally to exploit the
vulnerability.
Bulletin ID: MS11-047
Summary: Vulnerability in Hyper-V Could Allow Denial of Service (2525835)
Severity & Impact: Important, Denial of Service

This security update resolves a privately reported
vulnerability in Windows Server 2008 Hyper-V and Windows
Server 2008 R2 Hyper-V. The vulnerability could allow
denial of service if a specially crafted packet is sent to the
VMBus by an authenticated user in one of the guest virtual
machines hosted by the Hyper-V server. An attacker must
have valid logon credentials and be able to send specially
crafted content from a guest virtual machine to exploit this
vulnerability. The vulnerability could not be exploited
remotely or by anonymous users.
Bulletin ID: MS11-048
Summary: Vulnerability in SMB Server Could Allow Denial of Service (2536275)
Severity & Impact: Important, Denial of Service

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow denial of service if an attacker created a specially
crafted SMB packet and sent the packet to an affected
system. Firewall best practices and standard default firewall
configurations can help protect networks from attacks
originating outside the enterprise perimeter that would
attempt to exploit this vulnerability.
Bulletin ID: MS11-049
Summary: Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893)
Severity & Impact: Important, Information Disclosure

This security update resolves a privately reported
vulnerability in Microsoft XML Editor. The vulnerability could
allow information disclosure if a user opened a specially
crafted Web Service Discovery (.disco) file with one of the
affected software listed in this bulletin. Note that this
vulnerability would not allow an attacker to execute code or
to elevate their user rights directly, but it could be used to
produce information that could be used to try to further
compromise the affected system.
Bulletin ID: MS11-051
Summary: Vulnerability in Active Directory Certificate Services Web Enrollment Could Allow Elevation of Privilege (2518295)
Severity & Impact: Important, Elevation of Privilege

This security update resolves a privately reported
vulnerability in Active Directory Certificate Services Web
Enrollment. The vulnerability is a cross-site scripting (XSS)
vulnerability that could allow elevation of privilege, enabling
an attacker to execute arbitrary commands on the site in
the context of the target user. An attacker who successfully
exploited this vulnerability would need to send a specially
crafted link and convince a user to click the link. In all
cases, however, an attacker would have no way to force a
user to visit the Web site. Instead, an attacker would have
to persuade a user to visit the Web site, typically by getting
them to click a link in an e-mail message or Instant
Messenger message that takes the user to the vulnerable
Web site.

May 2011
Bulletin ID: MS11-035
Summary: Vulnerability in WINS Could Allow Remote Code Execution (2524426)
Severity & Impact: Critical, Remote Code Execution

This security update resolves a privately reported
vulnerability in the Windows Internet Name Service
(WINS). The vulnerability could allow remote code
execution if a user received a specially crafted WINS
replication packet on an affected system running the WINS
service. By default, WINS is not installed on any affected
operating system. Only customers who manually installed
this component are affected by this issue.

April 2011
Bulletin ID: MS11-018
Summary: Cumulative Security Update for Internet Explorer (2497640)
Severity & Impact: Critical, Remote Code Execution

This security update resolves four privately reported
vulnerabilities and one publicly disclosed vulnerability in
Internet Explorer. This security update is rated Critical for
Internet Explorer 6, Internet Explorer 7, and Internet
Explorer 8 on Windows clients; and Moderate for Internet
Explorer 6, Internet Explorer 7, and Internet Explorer 8 on
Windows servers. Internet Explorer 9 is not affected by the
vulnerabilities.
The most severe vulnerabilities could allow remote code
execution if a user views a specially crafted Web page using
Internet Explorer. An attacker who successfully exploited
any of these vulnerabilities could gain the same user rights
as the local user. Users whose accounts are configured to
have fewer user rights on the system could be less
impacted than users who operate with administrative user
rights.
Bulletin ID: MS11-019
Summary: Vulnerabilities in SMB Client Could Allow Remote Code Execution (2511455)
Severity & Impact: Critical, Remote Code Execution

This security update resolves one publicly disclosed
vulnerability and one privately reported vulnerability in
Microsoft Windows. The more severe of these vulnerabilities
could allow remote code execution if an attacker sent a
specially crafted SMB response to a client-initiated SMB
request. To exploit the vulnerability, an attacker must
convince the user to initiate an SMB connection to a
specially crafted SMB server.
Bulletin ID: MS11-020
Summary: Vulnerability in SMB Server Could Allow Remote Code Execution (2508429)
Severity & Impact: Critical, Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows. The vulnerability could
allow remote code execution if an attacker created a
specially crafted SMB packet and sent the packet to an
affected system. Firewall best practices and standard
default firewall configurations can help protect networks
from attacks originating outside the enterprise perimeter
that would attempt to exploit these vulnerabilities.
Bulletin ID: MS11-027
Summary: Cumulative Security Update of ActiveX Kill Bits (2508272)
Severity & Impact: Critical, Remote Code Execution

This security update resolves two privately reported
vulnerabilities and one publicly disclosed vulnerability in
Microsoft software. The vulnerabilities could allow remote
code execution if a user views a specially crafted Web page
that instantiates a specific ActiveX control with Internet
Explorer. Users whose accounts are configured to have
fewer user rights on the system could be less impacted
than users who operate with administrative user rights. This
update also includes kill bits for three third-party ActiveX
controls.
Bulletin ID: MS11-028
Summary: Vulnerability in .NET Framework Could Allow Remote Code Execution (2484015)
Severity & Impact: Critical, Remote Code Execution

This security update resolves a publicly disclosed
vulnerability in Microsoft .NET Framework. The vulnerability
could allow remote code execution on a client system if a
user views a specially crafted Web page using a Web
browser that can run XAML Browser Applications (XBAPs).
Users whose accounts are configured to have fewer user
rights on the system could be less impacted than users who
operate with administrative user rights. The vulnerability
could also allow remote code execution on a server system
running IIS, if that server allows processing ASP.NET pages
and an attacker succeeds in uploading a specially crafted
ASP.NET page to that server and then executes the page,
as could be the case in a Web hosting scenario. This
vulnerability could also be used by Windows .NET
applications to bypass Code Access Security (CAS)
restrictions.
Bulletin ID: MS11-029
Summary: Vulnerability in GDI+ Could Allow Remote Code Execution (2489979)
Severity & Impact: Critical, Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows GDI+. The vulnerability
could allow remote code execution if a user viewed a
specially crafted image file using affected software or
browsed a Web site that contains specially crafted content.
Users whose accounts are configured to have fewer user
rights on the system could be less impacted than users who
operate with administrative user rights.
Bulletin ID: MS11-030
Summary: Vulnerability in DNS Resolution Could Allow Remote Code Execution (2509553)
Severity & Impact: Critical, Remote Code Execution

This security update resolves a privately reported
vulnerability in Windows DNS resolution. The vulnerability
could allow remote code execution if an attacker gained
access to the network and then created a custom program
to send specially crafted LLMNR broadcast queries to the
target systems. Firewall best practices and standard default
firewall configurations can help protect networks from
attacks that originate outside the enterprise perimeter. Best
practices recommend that systems that are connected to
the Internet have a minimal number of ports exposed. In
this case, the LLMNR ports should be blocked from the
Internet.
Bulletin ID: MS11-031
Summary: Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution (2514666)
Severity & Impact: Critical, Remote Code Execution

This security update resolves a privately reported
vulnerability in the JScript and VBScript scripting engines.
The vulnerability could allow remote code execution if a
user visited a specially crafted Web site. An attacker would
have no way to force users to visit the Web site. Instead,
an attacker would have to convince users to visit the Web
site, typically by getting them to click a link in an e-mail
message or Instant Messenger message that takes users to
the attacker's Web site.
Bulletin ID: MS11-032
Summary: Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2507618)
Severity & Impact: Critical, Remote Code Execution

This security update resolves a privately reported
vulnerability in the OpenType Compact Font Format (CFF)
driver. The vulnerability could allow remote code execution
if a user views content rendered in a specially crafted CFF
font. In all cases, an attacker would have no way to force
users to view the specially crafted content. Instead, an
attacker would have to convince users to visit a Web site,
typically by getting them to click a link in an e-mail
message or Instant Messenger message that takes users to
the attacker's Web site.
Bulletin ID: MS11-024
Summary: Vulnerabilities in Windows Fax Cover Page Editor Could Allow Remote Code Execution (2527308)
Severity & Impact: Important, Remote Code Execution

This security update resolves two publicly disclosed
vulnerabilities in Microsoft Windows. The vulnerabilities
could allow remote code execution if a user opened a
specially crafted fax cover page file (.cov) using the
Windows Fax Cover Page Editor. An attacker who
successfully exploited either of these vulnerabilities could
gain the same user rights as the logged-on user. Users
whose accounts are configured to have fewer user rights on
the system could be less impacted than users who operate
with administrative user rights.
Bulletin ID: MS11-026
Summary: Vulnerability in MHTML Could Allow Information Disclosure (2503658)
Severity & Impact: Important, Information Disclosure

This security update resolves a publicly disclosed
vulnerability in the MHTML protocol handler in Microsoft
Windows. The vulnerability could allow information
disclosure if a user visited a specially crafted Web site. In a
Web-based attack scenario, a Web site could contain a
specially crafted link that is used to exploit this
vulnerability. An attacker would have to convince users to
visit the Web site and open the specially crafted link.
Bulletin ID: MS11-033
Summary: Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (2485663)
Severity & Impact: Important, Remote Code Execution

This security update resolves a privately reported
vulnerability in Microsoft Windows. This security update is
rated Important for all supported editions of Windows XP
and Windows Server 2003. All supported editions of
Windows Vista, Windows Server 2008, Windows 7, and
Windows Server 2008 R2 are not affected by the
vulnerability.
The vulnerability could allow remote code execution if a
user opened a specially crafted file using WordPad. An
attacker who successfully exploited this vulnerability could
gain the same user rights as the local user. Users whose
accounts are configured to have fewer user rights on the
system could be less impacted than users who operate with
administrative user rights.
Bulletin ID: MS11-034
Summary: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2506223)
Severity & Impact: Important, Elevation of Privilege

This security update resolves thirty privately reported
vulnerabilities in Microsoft Windows. The vulnerabilities
could allow elevation of privilege if an attacker logged on
locally and ran a specially crafted application. An attacker
must have valid logon credentials and be able to log on
locally to exploit these vulnerabilities. The vulnerabilities
could not be exploited remotely or by anonymous users.

Bulletin ID: MS11-025
Summary: Vulnerability in Microsoft Foundation Class (MFC) Library Could Allow Remote Code Execution (2500212)
Severity & Impact: Important, Remote Code Execution

This security update resolves a publicly disclosed
vulnerability in certain applications built using the Microsoft
Foundation Class (MFC) Library. The vulnerability could
allow remote code execution if a user opens a legitimate file
associated with such an affected application, and the file is
located in the same network folder as a specially crafted
library file. For an attack to be successful, a user must visit
an untrusted remote file system location or WebDAV share
and open a document from this location that is then loaded
by the affected application.

March 2011
Bulletin ID: MS11-015
Summary: Vulnerabilities in Windows Media Could Allow Remote Code Execution (2510030)
Severity & Impact: Critical, Remote Code Execution

This security update resolves one publicly disclosed
vulnerability in DirectShow and one privately reported
vulnerability in Windows Media Player and Windows Media
Center. The more severe of these vulnerabilities could allow
remote code execution if a user opens a specially crafted
Microsoft Digital Video Recording (.dvr-ms) file. In all cases,
a user cannot be forced to open the file; for an attack to be
successful, a user must be convinced to do so.
Bulletin ID: MS11-017
Summary: Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2508062)
Severity & Impact: Important, Remote Code Execution

This security update resolves a publicly disclosed
vulnerability in Windows Remote Desktop Client. The
vulnerability could allow remote code execution if a user
opens a legitimate Remote Desktop configuration (.rdp) file
located in the same network folder as a specially crafted
library file. For an attack to be successful, a user must visit
an untrusted remote file system location or WebDAV share
and open a document from this location that is then loaded
by a vulnerable application.

February 2011
Bulletin ID: MS11-003
Summary: Cumulative Security Update for Internet Explorer (2482017)
Severity & Impact: Critical, Remote Code Execution

This security update resolves two privately reported
vulnerabilities and two publicly disclosed vulnerabilities in
Internet Explorer. The vulnerabilities could allow remote
code execution if a user views a specially crafted Web page
using Internet Explorer or if a user opens a legitimate HTML
file that loads a specially crafted library file. An attacker
who successfully exploited any of these vulnerabilities could
gain the same user rights as the local user. Users whose
accounts are configured to have fewer user rights on the
system could be less impacted than users who operate with
administrative user rights.
Bulletin ID: MS11-006
Summary: Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185)
Severity & Impact: Critical, Remote Code Execution

This security update resolves a publicly disclosed
vulnerability in the Windows Shell graphics processor. The
vulnerability could allow remote code execution if a user
views a specially crafted thumbnail image. An attacker who
successfully exploited this vulnerability could gain the same
user rights as the logged-on user. Users whose accounts
are configured to have fewer user rights on the system
could be less impacted than users who operate with
administrative user rights.
ID: MS11-007
Severity & Impact: Critical, Remote Code Execution
Summary: Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2485376)
This security update resolves a privately reported
vulnerability in the Windows OpenType Compact Font
Format (CFF) driver. The vulnerability could allow remote
code execution if a user views content rendered in a
specially crafted CFF font. In all cases, an attacker would
have no way to force users to view the specially crafted
content. Instead, an attacker would have to convince users
to visit a Web site, typically by getting them to click a link
in an e-mail message or Instant Messenger message that
takes users to the attacker's Web site.
ID: MS11-004
Severity & Impact: Important, Remote Code Execution
Summary: Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution (2489256)
This security update resolves a publicly disclosed
vulnerability in Microsoft Internet Information Services (IIS)
FTP Service. The vulnerability could allow remote code
execution if an FTP server receives a specially crafted FTP
command. FTP Service is not installed by default on IIS.
ID: MS11-005
Severity & Impact: Important, Denial of Service
Summary: Vulnerability in Active Directory Could Allow Denial of Service (2478953)
This security update resolves a publicly disclosed
vulnerability in Active Directory. The vulnerability could
allow denial of service if an attacker sent a specially crafted
packet to an affected Active Directory server. The attacker
must have valid local administrator privileges on the
domain-joined computer in order to exploit this
vulnerability.
ID: MS11-009
Severity & Impact: Important, Information Disclosure
Summary: Vulnerability in JScript and VBScript Scripting Engines Could Allow Information Disclosure (2475792)
This security update resolves a privately reported
vulnerability in the JScript and VBScript scripting engines.
The vulnerability could allow information disclosure if a user
visited a specially crafted Web site. An attacker would have
no way to force users to visit these Web sites. Instead, an
attacker would have to convince users to visit the Web site,
typically by getting them to click a link in an e-mail
message or Instant Messenger message that takes users to
the attacker's Web site.
ID: MS11-010
Severity & Impact: Important, Elevation of Privilege
Summary: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2476687)
This security update resolves a privately reported
vulnerability in the Microsoft Windows Client/Server Run-time
Subsystem (CSRSS) in Windows XP and Windows Server 2003.
The vulnerability could allow elevation of privilege if an
attacker logs on to a user's system and starts a specially
crafted application that continues running after the attacker
logs off in order to obtain the logon credentials of
subsequent users. An attacker must have valid logon
credentials and be able to log on locally to exploit this
vulnerability. The vulnerability could not be exploited
remotely or by anonymous users.
ID: MS11-011
Severity & Impact: Important, Elevation of Privilege
Summary: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2393802)
This security update resolves one publicly disclosed
vulnerability and one privately reported vulnerability in
Microsoft Windows. The vulnerabilities could allow elevation
of privilege if an attacker logged on locally and ran a
specially crafted application. An attacker must have valid
logon credentials and be able to log on locally to exploit
these vulnerabilities. The vulnerabilities could not be
exploited remotely or by anonymous users.
ID: MS11-012
Severity & Impact: Important, Elevation of Privilege
Summary: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2479628)
This security update resolves five privately reported
vulnerabilities in Microsoft Windows. The vulnerabilities
could allow elevation of privilege if an attacker logged on
locally and ran a specially crafted application. An attacker
must have valid logon credentials and be able to log on
locally to exploit these vulnerabilities. The vulnerabilities
could not be exploited remotely or by anonymous users.
ID: MS11-013
Severity & Impact: Important, Elevation of Privilege
Summary: Vulnerabilities in Kerberos Could Allow Elevation of Privilege (2496930)
This security update resolves one privately reported
vulnerability and one publicly disclosed vulnerability in
Microsoft Windows. The more severe of these vulnerabilities
could allow elevation of privilege if a local, authenticated
attacker installs a malicious service on a domain-joined
computer.
ID: MS11-014
Severity & Impact: Important, Elevation of Privilege
Summary: Vulnerability in Local Security Authority Subsystem Service Could Allow Local Elevation of Privilege (2478960)
This security update resolves a privately reported
vulnerability in the Local Security Authority Subsystem
Service (LSASS) in Windows XP and Windows Server 2003.
The vulnerability could allow elevation of privilege if an
attacker logs on to a system and runs a specially crafted
application. An attacker must have valid logon credentials
and be able to log on locally to exploit this vulnerability.
The vulnerability could not be exploited remotely or by
anonymous users.

January 2011

ID: MS11-002
Severity & Impact: Critical, Remote Code Execution
Summary: Vulnerabilities in Microsoft Data Access Components Could Allow Remote Code Execution (2451910)
This security update resolves two privately reported
vulnerabilities in Microsoft Data Access Components. The
vulnerabilities could allow remote code execution if a user
views a specially crafted Web page. An attacker who
successfully exploited this vulnerability could gain the same
user rights as the local user. Users whose accounts are
configured to have fewer user rights on the system could be
less impacted than users who operate with administrative
user rights.
ID: MS11-001
Severity & Impact: Important, Remote Code Execution
Summary: Vulnerability in Windows Backup Manager Could Allow Remote Code Execution (2478935)
This security update resolves a publicly disclosed
vulnerability in Windows Backup Manager. The vulnerability
could allow remote code execution if a user opens a
legitimate Windows Backup Manager file that is located in
the same network directory as a specially crafted library
file. For an attack to be successful, a user must visit an
untrusted remote file system location or WebDAV share and
open the legitimate file from that location, which in turn
could cause Windows Backup Manager to load the specially
crafted library file.

Windows Updates Recommended Microsoft


Customers are recommended to apply the following Windows Updates on Windows 2008
and on systems which are supported by Microsoft Service Pack releases that are listed in the
Error! Reference source not found..
Please note that the list of Windows updates is based on Windows Server 2008 R2 Service
Pack 1 (which is supported with version 11.1).

Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2836942) | Critical Updates
Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2836943) | Critical Updates
Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) | Critical Updates
Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB973688) | Critical Updates
Update for Windows Server 2008 R2 x64 Edition (KB2506014) | Critical Updates
Update for Windows Server 2008 R2 x64 Edition (KB2533552) | Critical Updates
Update for Windows Server 2008 R2 x64 Edition (KB2552343) | Critical Updates
Update for Windows Server 2008 R2 x64 Edition (KB2718704) | Critical Updates
Update for Windows Server 2008 R2 x64 Edition (KB2786081) | Critical Updates
Update for Windows Server 2008 R2 x64 Edition (KB2798162) | Critical Updates
Update for Windows Server 2008 R2 x64 Edition (KB2868116) | Critical Updates
Update for Windows Server 2008 R2 x64 Edition (KB2929733) | Critical Updates
Microsoft .NET Framework 4 for Windows Server 2008 R2 x64-based Systems (KB982671) | Feature Packs
Cumulative Security Update for ActiveX Killbits for Windows Server 2008 R2 x64 Edition (KB2900986) | Security Updates
Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 R2 x64 Edition (KB2925418) | Security Updates
MSXML 6.0 RTM Security Update (925673) | Security Updates
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2832414) | Security Updates
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2861191) | Security Updates
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2604115) | Security Updates
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656356) | Security Updates
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2729452) | Security Updates
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2736422) | Security Updates
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2742599) | Security Updates
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2756921) | Security Updates
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2789645) | Security Updates
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2840631) | Security Updates
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2844286) | Security Updates
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698) | Security Updates
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240) | Security Updates
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2898857) | Security Updates
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2901112) | Security Updates
Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2911501) | Security Updates
Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2487367) | Security Updates
Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2604121) | Security Updates
Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2729449) | Security Updates
Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2736428) | Security Updates
Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2737019) | Security Updates
Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2742595) | Security Updates
Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2789642) | Security Updates
Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2840628) | Security Updates
Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302) | Security Updates
Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2898855) | Security Updates
Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2901110) | Security Updates
Security Update for Microsoft Office 2003 Web Components for the 2007 Microsoft Office System (KB947318) | Security Updates
Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242) | Security Updates
Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243) | Security Updates
Security Update for Microsoft Visual C++ 2010 Redistributable Package (KB2467173) | Security Updates
Security Update for Microsoft Visual Studio 2008 (KB972221) | Security Updates
Security Update for Microsoft Visual Studio 2008 Service Pack 1 (KB2669970) | Security Updates
Security Update for Microsoft Visual Studio 2008 Service Pack 1 (KB972222) | Security Updates
Security Update for Microsoft Visual Studio 2008 Service Pack 1 XML Editor (KB2251487) | Security Updates
Security Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB954430) | Security Updates
Security Update for Report Viewer Redistributable 2008 (KB971118) | Security Updates
Security Update for Report Viewer Redistributable 2008 Service Pack 1 (KB971119) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2425227) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2479943) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2506212) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2509553) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2511455) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2536275) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2536276) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2544893) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2560656) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2564958) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2570947) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2584146) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2585542) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2620704) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2621440) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2631813) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2643719) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2653956) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2654428) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2655992) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2667402) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2676562) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2685939) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2690533) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2691442) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2698365) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2705219) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2706045) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2712808) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2719033) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2727528) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2743555) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2757638) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2758857) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2765809) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2770660) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2772930) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2785220) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2803821) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2807986) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2813347) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2813430) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2834886) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2835364) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2839894) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2840149) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2847311) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2847927) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2849470) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2853587) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2855844) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2861855) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2862152) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2862330) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2862335) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2862966) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2862973) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2864058) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2864202) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2868038) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2868623) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2868626) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2868725) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2872339) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2875783) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2876284) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2876331) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2884256) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2887069) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2892074) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2893294) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2916036) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2929961) | Security Updates
Security Update for Windows Server 2008 R2 x64 Edition (KB2930275) | Security Updates
Security Update for Windows Vista, Windows 7, Server 2008, Server 2008 R2 (KB2917500) | Security Updates
Update for Windows Server 2008 R2 x64 Edition (KB2904266) | Update Rollups
Windows Internet Explorer 9 for Windows Server 2008 R2 for x64-based Systems | Update Rollups
Windows Malicious Software Removal Tool x64 - March 2014 (KB890830) | Update Rollups
Update for Kernel-Mode Driver Framework version 1.11 for Windows Server 2008 R2 x64 Edition (KB2685811) | Updates
Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2468871) | Updates
Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2533523) | Updates
Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2600217) | Updates
Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) | Updates
Update for User-Mode Driver Framework version 1.11 for Windows Server 2008 R2 x64 Edition (KB2685813) | Updates
Update for Windows Server 2008 R2 for x64-based Systems (KB2830477) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2484033) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2488113) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2505438) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2506928) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2511250) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2515325) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2522422) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2541014) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2545698) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2547666) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2563227) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2574819) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2592687) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2603229) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2607047) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2608658) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2636573) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2640148) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2647753) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2660075) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2699779) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2709630) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2709981) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2719857) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2726535) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2729094) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2732059) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2741355) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2750841) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2761217) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2763523) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2786400) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2791765) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2806748) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2808679) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2820331) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2843630) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2846960) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2847077) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2853952) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2882822) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2888049) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2891804) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2893519) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2913431) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2919469) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB2923545) | Updates
Update for Windows Server 2008 R2 x64 Edition (KB982018) | Updates
Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2836942) | Critical Updates
Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2836943) | Critical Updates
Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) | Critical Updates