This bulletin summary lists security bulletins released for July 2012.
With the release of the security bulletins for July 2012, this bulletin summary replaces the bulletin advance notification originally issued July 5, 2012. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification.
The following table summarizes the security bulletins for this month in order of severity.
For details on affected software, see the next section, Affected Software and Download Locations.
| Bulletin ID | Bulletin Title and Executive Summary | Maximum Severity Rating and Vulnerability Impact | Restart Required | Affected Software |
| MS12-043 | Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2722479) | Critical | May require restart | Microsoft Windows, |
| Remote Code Execution | Microsoft Office, | |||
| This security update resolves a publicly disclosed vulnerability in Microsoft XML Core Services. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes the user to the attacker’s website. | Microsoft Developer Tools, | |||
| Microsoft Server Software | ||||
| MS12-044 | Cumulative Security Update for Internet Explorer (2719177) | Critical | Requires restart | Microsoft Windows, |
| Remote Code Execution | Internet Explorer | |||
| This security update resolves two privately reported vulnerabilities in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
| MS12-045 | Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (2698365) | Critical | May require restart | Microsoft Windows |
| Remote Code Execution | ||||
| This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views a specially crafted webpage. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
| MS12-046 | Vulnerability in Visual Basic for Applications Could Allow Remote Code Execution (2707960) | Important | May require restart | Microsoft Office, |
| Remote Code Execution | Microsoft Developer Tools | |||
| This security update resolves one publicly disclosed vulnerability in Microsoft Visual Basic for Applications. The vulnerability could allow remote code execution if a user opens a legitimate Microsoft Office file (such as a .docx file) that is located in the same directory as a specially crafted dynamic link library (DLL) file. An attacker could then install programs; view, change, or delete data; or create new accounts that have full user rights. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
| MS12-047 | Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2718523) | Important | Requires restart | Microsoft Windows |
| Elevation of Privilege | ||||
| This security update resolves one publicly disclosed and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. | ||||
| MS12-048 | Vulnerability in Windows Shell Could Allow Remote Code Execution (2691442) | Important | Requires restart | Microsoft Windows |
| Remote Code Execution | ||||
| This security update resolves one privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a file or directory with a specially crafted name. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||
| MS12-049 | Vulnerability in TLS Could Allow Information Disclosure (2655992) | Important | Requires restart | Microsoft Windows |
| Information Disclosure | ||||
| This security update resolves a publicly disclosed vulnerability in TLS. The vulnerability could allow information disclosure if an attacker intercepts encrypted web traffic served from an affected system. All cipher suites that do not use CBC mode are not affected. | ||||
| MS12-050 | Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2695502) | Important | May require restart | Microsoft Office, |
| Elevation of Privilege | Microsoft Server Software | |||
| This security update resolves one publicly disclosed and five privately reported vulnerabilities in Microsoft SharePoint and Windows SharePoint Services. The most severe vulnerabilities could allow elevation of privilege if a user clicks a specially crafted URL that takes the user to a targeted SharePoint site. | ||||
| MS12-051 | Vulnerability in Microsoft Office for Mac Could Allow Elevation of Privilege (2721015) | |||
| This security update resolves one publicly disclosed vulnerability in Microsoft Office for Mac. The vulnerability could allow elevation of privilege if a malicious executable is placed on an affected system by an attacker, and then another user logs on later and runs the malicious executable. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. |
Affected Software and Download Locations
The following tables list the bulletins in order of major software category and severity.
How do I use these tables?
Use these tables to learn about the security updates that you may need to install. You should review each software program or component listed to see whether any security updates pertain to your installation. If a software program or component is listed, then the available software update is hyperlinked and the severity rating of the software update is also listed.
Note You may have to install several security updates for a single vulnerability. Review the whole column for each bulletin identifier that is listed to verify the updates that you have to install, based on the programs or components that you have installed on your system.
Windows Operating System and Components
| Windows XP | ||||||
| Bulletin Identifier | MS12-043 | MS12-044 | MS12-045 | MS12-047 | MS12-048 | MS12-049 |
| Aggregate Severity Rating | Critical | None | Critical | Important | Important | Important |
| Windows XP Service Pack 3 | Microsoft XML Core Services 3.0 | Not applicable | Microsoft Data Access Components 2.8 Service Pack 1 | Windows XP Service Pack 3 | Windows XP Service Pack 3 | Windows XP Service Pack 3 |
| (KB2719985) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | ||
| (Critical) | (Critical) | (Important) | (Important) | (Important) | ||
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Critical) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2719985) | ||||||
| (Critical) | ||||||
| Windows XP Professional x64 Edition Service Pack 2 | Microsoft XML Core Services 3.0 | Not applicable | Microsoft Data Access Components 2.8 Service Pack 2 | Windows XP Professional x64 Edition Service Pack 2 | Windows XP Professional x64 Edition Service Pack 2 | Windows XP Professional x64 Edition Service Pack 2 |
| (KB2719985) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | ||
| (Critical) | (Critical) | (Important) | (Important) | (Important) | ||
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Critical) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2721693) | ||||||
| (Critical) | ||||||
| Windows Server 2003 | ||||||
| Bulletin Identifier | MS12-043 | MS12-044 | MS12-045 | MS12-047 | MS12-048 | MS12-049 |
| Aggregate Severity Rating | Moderate | None | Moderate | Important | Important | Important |
| Windows Server 2003 Service Pack 2 | Microsoft XML Core Services 3.0 | Not applicable | Microsoft Data Access Components 2.8 Service Pack 2 | Windows Server 2003 Service Pack 2 | Windows Server 2003 Service Pack 2 | Windows Server 2003 Service Pack 2 |
| (KB2719985) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | ||
| (Moderate) | (Moderate) | (Important) | (Important) | (Important) | ||
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Moderate) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2721693) | ||||||
| (Moderate) | ||||||
| Windows Server 2003 x64 Edition Service Pack 2 | Microsoft XML Core Services 3.0 | Not applicable | Microsoft Data Access Components 2.8 Service Pack 2 | Windows Server 2003 x64 Edition Service Pack 2 | Windows Server 2003 x64 Edition Service Pack 2 | Windows Server 2003 x64 Edition Service Pack 2 |
| (KB2719985) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | ||
| (Moderate) | (Moderate) | (Important) | (Important) | (Important) | ||
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Moderate) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2721693) | ||||||
| (Moderate) | ||||||
| Windows Server 2003 with SP2 for Itanium-based Systems | Microsoft XML Core Services 3.0 | Not applicable | Microsoft Data Access Components 2.8 Service Pack 2 | Windows Server 2003 with SP2 for Itanium-based Systems | Windows Server 2003 with SP2 for Itanium-based Systems | Windows Server 2003 with SP2 for Itanium-based Systems |
| (KB2719985) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | ||
| (Moderate) | (Moderate) | (Important) | (Important) | (Important) | ||
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Moderate) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2721693) | ||||||
| (Moderate) | ||||||
| Windows Vista | ||||||
| Bulletin Identifier | MS12-043 | MS12-044 | MS12-045 | MS12-047 | MS12-048 | MS12-049 |
| Aggregate Severity Rating | Critical | Critical | Critical | Important | Important | Important |
| Windows Vista Service Pack 2 | Microsoft XML Core Services 3.0 | Internet Explorer 9 | Windows Data Access Components 6.0 | Windows Vista Service Pack 2 | Windows Vista Service Pack 2 | Windows Vista Service Pack 2 |
| (KB2719985) | (KB2719177) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | |
| (Critical) | (Critical) | (Critical) | (Important) | (Important) | (Important) | |
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Critical) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2719985) | ||||||
| (Critical) | ||||||
| Windows Vista x64 Edition Service Pack 2 | Microsoft XML Core Services 3.0 | Internet Explorer 9 | Windows Data Access Components 6.0 | Windows Vista x64 Edition Service Pack 2 | Windows Vista x64 Edition Service Pack 2 | Windows Vista x64 Edition Service Pack 2 |
| (KB2719985) | (KB2719177) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | |
| (Critical) | (Critical) | (Critical) | (Important) | (Important) | (Important) | |
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Critical) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2719985) | ||||||
| (Critical) | ||||||
| Windows Server 2008 | ||||||
| Bulletin Identifier | MS12-043 | MS12-044 | MS12-045 | MS12-047 | MS12-048 | MS12-049 |
| Aggregate Severity Rating | Moderate | Moderate | Moderate | Important | Important | Important |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | Microsoft XML Core Services 3.0 | Internet Explorer 9 | Windows Data Access Components 6.0 | Windows Server 2008 for 32-bit Systems Service Pack 2 | Windows Server 2008 for 32-bit Systems Service Pack 2 | Windows Server 2008 for 32-bit Systems Service Pack 2 |
| (KB2719985) | (KB2719177) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | |
| (Moderate) | (Moderate) | (Moderate) | (Important) | (Important) | (Important) | |
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Moderate) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2719985) | ||||||
| (Moderate) | ||||||
| Windows Server 2008 for x64-based Systems Service Pack 2 | Microsoft XML Core Services 3.0 | Internet Explorer 9 | Windows Data Access Components 6.0 | Windows Server 2008 for x64-based Systems Service Pack 2 | Windows Server 2008 for x64-based Systems Service Pack 2 | Windows Server 2008 for x64-based Systems Service Pack 2 |
| (KB2719985) | (KB2719177) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | |
| (Moderate) | (Moderate) | (Moderate) | (Important) | (Important) | (Important) | |
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Moderate) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2719985) | ||||||
| (Moderate) | ||||||
| Windows Server 2008 for Itanium-based Systems Service Pack 2 | Microsoft XML Core Services 3.0 | Not applicable | Windows Data Access Components 6.0 | Windows Server 2008 for Itanium-based Systems Service Pack 2 | Windows Server 2008 for Itanium-based Systems Service Pack 2 | Windows Server 2008 for Itanium-based Systems Service Pack 2 |
| (KB2719985) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | ||
| (Moderate) | (Moderate) | (Important) | (Important) | (Important) | ||
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Moderate) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2719985) | ||||||
| (Moderate) | ||||||
| Windows 7 | ||||||
| Bulletin Identifier | MS12-043 | MS12-044 | MS12-045 | MS12-047 | MS12-048 | MS12-049 |
| Aggregate Severity Rating | Critical | Critical | Critical | Important | Important | Important |
| Windows 7 for 32-bit Systems | Microsoft XML Core Services 3.0 | Internet Explorer 9 | Windows Data Access Components 6.0 | Windows 7 for 32-bit Systems | Windows 7 for 32-bit Systems | Windows 7 for 32-bit Systems |
| (KB2719985) | (KB2719177) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | |
| (Critical) | (Critical) | (Critical) | (Important) | (Important) | (Important) | |
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Critical) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2719985) | ||||||
| (Critical) | ||||||
| Windows 7 for 32-bit Systems Service Pack 1 | Microsoft XML Core Services 3.0 | Internet Explorer 9 | Windows Data Access Components 6.0 | Windows 7 for 32-bit Systems Service Pack 1 | Windows 7 for 32-bit Systems Service Pack 1 | Windows 7 for 32-bit Systems Service Pack 1 |
| (KB2719985) | (KB2719177) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | |
| (Critical) | (Critical) | (Critical) | (Important) | (Important) | (Important) | |
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Critical) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2719985) | ||||||
| (Critical) | ||||||
| Windows 7 for x64-based Systems | Microsoft XML Core Services 3.0 | Internet Explorer 9 | Windows Data Access Components 6.0 | Windows 7 for x64-based Systems | Windows 7 for x64-based Systems | Windows 7 for x64-based Systems |
| (KB2719985) | (KB2719177) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | |
| (Critical) | (Critical) | (Critical) | (Important) | (Important) | (Important) | |
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Critical) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2719985) | ||||||
| (Critical) | ||||||
| Windows 7 for x64-based Systems Service Pack 1 | Microsoft XML Core Services 3.0 | Internet Explorer 9 | Windows Data Access Components 6.0 | Windows 7 for x64-based Systems Service Pack 1 | Windows 7 for x64-based Systems Service Pack 1 | Windows 7 for x64-based Systems Service Pack 1 |
| (KB2719985) | (KB2719177) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | |
| (Critical) | (Critical) | (Critical) | (Important) | (Important) | (Important) | |
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Critical) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2719985) | ||||||
| (Critical) | ||||||
| Windows Server 2008 R2 | ||||||
| Bulletin Identifier | MS12-043 | MS12-044 | MS12-045 | MS12-047 | MS12-048 | MS12-049 |
| Aggregate Severity Rating | Moderate | Moderate | Moderate | Important | Important | Important |
| Windows Server 2008 R2 for x64-based Systems | Microsoft XML Core Services 3.0 | Internet Explorer 9 | Windows Data Access Components 6.0 | Windows Server 2008 R2 for x64-based Systems | Windows Server 2008 R2 for x64-based Systems | Windows Server 2008 R2 for x64-based Systems |
| (KB2719985) | (KB2719177) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | |
| (Moderate) | (Moderate) | (Moderate) | (Important) | (Important) | (Important) | |
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Moderate) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2719985) | ||||||
| (Moderate) | ||||||
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Microsoft XML Core Services 3.0 | Internet Explorer 9 | Windows Data Access Components 6.0 | Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Windows Server 2008 R2 for x64-based Systems Service Pack 1 |
| (KB2719985) | (KB2719177) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | |
| (Moderate) | (Moderate) | (Moderate) | (Important) | (Important) | (Important) | |
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Moderate) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2719985) | ||||||
| (Moderate) | ||||||
| Windows Server 2008 R2 for Itanium-based Systems | Microsoft XML Core Services 3.0 | Not applicable | Windows Data Access Components 6.0 | Windows Server 2008 R2 for Itanium-based Systems | Windows Server 2008 R2 for Itanium-based Systems | Windows Server 2008 R2 for Itanium-based Systems |
| (KB2719985) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | ||
| (Moderate) | (Moderate) | (Important) | (Important) | (Important) | ||
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Moderate) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2719985) | ||||||
| (Moderate) | ||||||
| Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 | Microsoft XML Core Services 3.0 | Not applicable | Windows Data Access Components 6.0 | Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 | Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 | Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 |
| (KB2719985) | (KB2698365) | (KB2718523) | (KB2691442) | (KB2655992) | ||
| (Moderate) | (Moderate) | (Important) | (Important) | (Important) | ||
| Microsoft XML Core Services 4.0 | ||||||
| (KB2721691) | ||||||
| (Moderate) | ||||||
| Microsoft XML Core Services 6.0 | ||||||
| (KB2719985) | ||||||
| (Moderate) | ||||||
| Server Core installation option | ||||||
| Bulletin Identifier | MS12-043 | MS12-044 | MS12-045 | MS12-047 | MS12-048 | MS12-049 |
| Aggregate Severity Rating | None | None | None | Important | Important | Important |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | Not applicable | Not applicable | Not applicable | Windows Server 2008 for 32-bit Systems Service Pack 2 | Windows Server 2008 for 32-bit Systems Service Pack 2 | Windows Server 2008 for 32-bit Systems Service Pack 2 |
| (KB2718523) | (KB2691442) | (KB2655992) | ||||
| (Important) | (Important) | (Important) | ||||
| Windows Server 2008 for x64-based Systems Service Pack 2 | Not applicable | Not applicable | Not applicable | Windows Server 2008 for x64-based Systems Service Pack 2 | Windows Server 2008 for x64-based Systems Service Pack 2 | Windows Server 2008 for x64-based Systems Service Pack 2 |
| (KB2718523) | (KB2691442) | (KB2655992) | ||||
| (Important) | (Important) | (Important) | ||||
| Windows Server 2008 R2 for x64-based Systems | Not applicable | Not applicable | Not applicable | Windows Server 2008 R2 for x64-based Systems | Windows Server 2008 R2 for x64-based Systems | Windows Server 2008 R2 for x64-based Systems |
| (KB2718523) | (KB2691442) | (KB2655992) | ||||
| (Important) | (Important) | (Important) | ||||
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Not applicable | Not applicable | Not applicable | Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Windows Server 2008 R2 for x64-based Systems Service Pack 1 |
| (KB2718523) | (KB2691442) | (KB2655992) | ||||
| (Important) | (Important) | (Important) | ||||
| Note for MS12-043 | ||||||
| See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category. | ||||||
| Top of section | ||||||
| Microsoft Office Suites and Software | ||||||
| Microsoft Office Suites and Components | ||||||
| Bulletin Identifier | MS12-043 | MS12-046 | MS12-050 | MS12-051 | ||
| Aggregate Severity Rating | Critical | Important | None | None | ||
| Microsoft Office 2003 Service Pack 3 | Microsoft XML Core Services 5.0[1] | Microsoft Office 2003 Service Pack 3[1] | Not applicable | Not applicable | ||
| (Critical) | (KB2598361) | |||||
| (Important) | ||||||
| Microsoft Office 2007 Service Pack 2 | Microsoft XML Core Services 5.0[1] | Microsoft Office 2007 Service Pack 2[1] | Not applicable | Not applicable | ||
| (Critical) | (KB2596744) | |||||
| (Important) | ||||||
| Microsoft Office 2007 Service Pack 3 | Microsoft XML Core Services 5.0[1] | Microsoft Office 2007 Service Pack 3[1] | Not applicable | Not applicable | ||
| (Critical) | (KB2596744) | |||||
| (Important) | ||||||
| Microsoft Office 2010 (32-bit editions) | Not applicable | Microsoft Office 2010 (32-bit editions) | Not applicable | Not applicable | ||
| (KB2598243) | ||||||
| (Important) | ||||||
| Microsoft Office 2010 (32-bit editions) | ||||||
| (KB2553447) | ||||||
| (Important) | ||||||
| Microsoft Office 2010 Service Pack 1 (32-bit editions) | Not applicable | Microsoft Office 2010 Service Pack 1 (32-bit editions) | Not applicable | Not applicable | ||
| (KB2598243) | ||||||
| (Important) | ||||||
| Microsoft Office 2010 Service Pack 1 (32-bit editions) | ||||||
| (KB2553447) | ||||||
| (Important) | ||||||
| Microsoft Office 2010 (64-bit editions) | Not applicable | Microsoft Office 2010 (64-bit editions) | Not applicable | Not applicable | ||
| (KB2598243) | ||||||
| (Important) | ||||||
| Microsoft Office 2010 (64-bit editions) | ||||||
| (KB2553447) | ||||||
| (Important) | ||||||
| Microsoft Office 2010 Service Pack 1 (64-bit editions) | Not applicable | Microsoft Office 2010 Service Pack 1 (64-bit editions) | Not applicable | Not applicable | ||
| (KB2598243) | ||||||
| (Important) | ||||||
| Microsoft Office 2010 Service Pack 1 (64-bit editions) | ||||||
| (KB2553447) | ||||||
| (Important) | ||||||
| Microsoft Office for Mac | ||||||
| Bulletin Identifier | MS12-043 | MS12-046 | MS12-050 | MS12-051 | ||
| Aggregate Severity Rating | None | None | None | Important | ||
| Microsoft Office for Mac 2011 | Not applicable | Not applicable | Not applicable | Microsoft Office for Mac 2011 | ||
| (KB2721015) | ||||||
| (Important) | ||||||
| Other Microsoft Office Software | ||||||
| Bulletin Identifier | MS12-043 | MS12-046 | MS12-050 | MS12-051 | ||
| Aggregate Severity Rating | Critical | None | Important | None | ||
| Microsoft Office Word Viewer | Microsoft XML Core Services 5.0[1] | Not applicable | Not applicable | Not applicable | ||
| (Critical) | ||||||
| Microsoft Office Compatibility Pack Service Pack 2 | Microsoft XML Core Services 5.0[1] | Not applicable | Not applicable | Not applicable | ||
| (Critical) | ||||||
| Microsoft Office Compatibility Pack Service Pack 3 | Microsoft XML Core Services 5.0[1] | Not applicable | Not applicable | Not applicable | ||
| (Critical) | ||||||
| Microsoft InfoPath 2007 Service Pack 2 | Not applicable | Not applicable | Microsoft InfoPath 2007 Service Pack 2 | Not applicable | ||
| (KB2596666) | ||||||
| (Important) | ||||||
| Microsoft InfoPath 2007 Service Pack 2 | ||||||
| (KB2596786) | ||||||
| (Important) | ||||||
| Microsoft InfoPath 2007 Service Pack 3 | Not applicable | Not applicable | Microsoft InfoPath 2007 Service Pack 3 | Not applicable | ||
| (KB2596666) | ||||||
| (Important) | ||||||
| Microsoft InfoPath 2007 Service Pack 3 | ||||||
| (KB2596786) | ||||||
| (Important) | ||||||
| Microsoft InfoPath 2010 (32-bit editions) | Not applicable | Not applicable | Microsoft InfoPath 2010 (32-bit editions) | Not applicable | ||
| (KB2553431) | ||||||
| (Important) | ||||||
| Microsoft InfoPath 2010 (32-bit editions) | ||||||
| (KB2553322) | ||||||
| (Important) | ||||||
| Microsoft InfoPath 2010 Service Pack 1 (32-bit editions) | Not applicable | Not applicable | Microsoft InfoPath 2010 Service Pack 1 (32-bit editions) | Not applicable | ||
| (KB2553431) | ||||||
| (Important) | ||||||
| Microsoft InfoPath 2010 Service Pack 1 (32-bit editions) | ||||||
| (KB2553322) | ||||||
| (Important) | ||||||
| Microsoft InfoPath 2010 (64-bit editions) | Not applicable | Not applicable | Microsoft InfoPath 2010 (64-bit editions) | Not applicable | ||
| (KB2553431) | ||||||
| (Important) | ||||||
| Microsoft InfoPath 2010 (64-bit editions) | ||||||
| (KB2553322) | ||||||
| (Important) | ||||||
| Microsoft InfoPath 2010 Service Pack 1 (64-bit editions) | Not applicable | Not applicable | Microsoft InfoPath 2010 Service Pack 1 (64-bit editions) | Not applicable | ||
| (KB2553431) | ||||||
| (Important) | ||||||
| Microsoft InfoPath 2010 Service Pack 1 (64-bit editions) | ||||||
| (KB2553322) | ||||||
| (Important) | ||||||
Notes for MS12-043
See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category.
[1]The security updates for Microsoft XML Core Services 5.0 are unavailable at this time.
Notes for MS12-046
See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category.
[1]These updates for Microsoft Office apply to all supported Microsoft Office suites and other Microsoft Office software that contain the vulnerable shared Office component. These include, but are not limited to, supported versions of Microsoft Visio and Microsoft Project.
Note for MS12-050
See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category.
Top of section
Microsoft Server Software
| Microsoft Office SharePoint Server | ||
| Bulletin Identifier | MS12-043 | MS12-050 |
| Aggregate Severity Rating | Critical | Important |
| Microsoft Office SharePoint Server 2007 Service Pack 2 (32-bit editions) | Microsoft XML Core Services 5.0[1] | Microsoft Office SharePoint Server 2007 Service Pack 2 (coreserver) (32-bit editions)[1] |
| (Critical) | (KB2596663) | |
| (Important) | ||
| Microsoft Office SharePoint Server 2007 Service Pack 2 (xlsrvwfe) (32-bit editions)[1] | ||
| (KB2596942) | ||
| (Important) | ||
| Microsoft Office SharePoint Server 2007 Service Pack 3 (32-bit editions) | Microsoft XML Core Services 5.0[1] | Microsoft Office SharePoint Server 2007 Service Pack 3 (coreserver) (32-bit editions)[1] |
| (Critical) | (KB2596663) | |
| (Important) | ||
| Microsoft Office SharePoint Server 2007 Service Pack 3 (xlsrvwfe) (32-bit editions)[1] | ||
| (KB2596942) | ||
| (Important) | ||
| Microsoft Office SharePoint Server 2007 Service Pack 2 (64-bit editions) | Microsoft XML Core Services 5.0[1] | Microsoft Office SharePoint Server 2007 Service Pack 2 (coreserver) (64-bit editions)[1] |
| (Critical) | (KB2596663) | |
| (Important) | ||
| Microsoft Office SharePoint Server 2007 Service Pack 2 (xlsrvwfe) (64-bit editions)[1] | ||
| (KB2596942) | ||
| (Important) | ||
| Microsoft Office SharePoint Server 2007 Service Pack 3 (64-bit editions) | Microsoft XML Core Services 5.0[1] | Microsoft Office SharePoint Server 2007 Service Pack 3 (coreserver) (64-bit editions)[1] |
| (Critical) | (KB2596663) | |
| (Important) | ||
| Microsoft Office SharePoint Server 2007 Service Pack 2 (xlsrvwfe) (64-bit editions)[1] | ||
| (KB2596942) | ||
| (Important) | ||
| Microsoft SharePoint Server 2010 | Not applicable | Microsoft SharePoint Server 2010 (wosrv) |
| (KB2553424) | ||
| (Important) | ||
| Microsoft SharePoint Server 2010 (coreserverloc) | ||
| (KB2553194) | ||
| (Important) | ||
| Microsoft SharePoint Server 2010 Service Pack 1 | Not applicable | Microsoft SharePoint Server 2010 Service Pack 1 (wosrv) |
| (KB2553424) | ||
| (Important) | ||
| Microsoft SharePoint Server 2010 Service Pack 1 (coreserverloc) | ||
| (KB2553194) | ||
| (Important) | ||
| Microsoft Groove Server | ||
| Bulletin Identifier | MS12-043 | MS12-050 |
| Aggregate Severity Rating | Critical | Important |
| Microsoft Groove Server 2007 Service Pack 2 | Microsoft XML Core Services 5.0[1] | Not applicable |
| (Critical) | ||
| Microsoft Groove Server 2007 Service Pack 3 | Microsoft XML Core Services 5.0[1] | Not applicable |
| (Critical) | ||
| Microsoft Groove Server 2010 | Not applicable | Microsoft Groove Server 2010 |
| (KB2589325) | ||
| (Important) | ||
| Microsoft Groove Server 2010 Service Pack 1 | Not applicable | Microsoft Groove Server 2010 Service Pack 1 |
| (KB2589325) | ||
| (Important) | ||
| Windows SharePoint Services and Microsoft SharePoint Foundation | ||
| Bulletin Identifier | MS12-043 | MS12-050 |
| Aggregate Severity Rating | None | Important |
| Microsoft Windows SharePoint Services 3.0 Service Pack 2 (32-bit version) | Not applicable | Microsoft Windows SharePoint Services 3.0 Service Pack 2 (32-bit version) |
| (KB2596911) | ||
| (Important) | ||
| Microsoft Windows SharePoint Services 3.0 Service Pack 2 (64-bit version) | Not applicable | Microsoft Windows SharePoint Services 3.0 Service Pack 2 (64-bit version) |
| (KB2596911) | ||
| (Important) | ||
| Microsoft SharePoint Foundation 2010 | Not applicable | Microsoft SharePoint Foundation 2010 |
| (KB2553365) | ||
| (Important) | ||
| Microsoft SharePoint Foundation 2010 Service Pack 1 | Not applicable | Microsoft SharePoint Foundation 2010 Service Pack 1 |
| (KB2553365) | ||
| (Important) | ||
Notes for MS12-043
See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category.
[1]The security updates for Microsoft XML Core Services 5.0 are unavailable at this time.
Notes for MS12-050
See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category.
[1]For supported editions of Microsoft Office SharePoint Server 2007, in addition to security update packages for Microsoft Office SharePoint 2007 (KB2596663 and KB2596942), customers also need to install the security update for Microsoft Windows SharePoint Services 3.0 (KB2596911) to be protected from the vulnerabilities described in this bulletin.
| Microsoft Office Web Apps | |
| Bulletin Identifier | MS12-050 |
| Aggregate Severity Rating | Important |
| Microsoft Office Web Apps 2010 | Microsoft Office Web Apps 2010 |
| (KB2598239) | |
| Microsoft Office Web Apps 2010 Service Pack 1 | Microsoft Office Web Apps 2010 Service Pack 1 |
| (KB2598239) | |
Note for MS12-050
See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category.
| Microsoft Expression Web | ||
| Bulletin Identifier | MS12-043 | MS12-046 |
| Aggregate Severity Rating | Critical | None |
| Microsoft Expression Web Service Pack 1 | Microsoft XML Core Services 5.0[1] | Not applicable |
| (Critical) | ||
| Microsoft Expression Web 2 | Microsoft XML Core Services 5.0[1] | Not applicable |
| (Critical) | ||
| Microsoft Visual Basic for Applications | ||
| Bulletin Identifier | MS12-043 | MS12-046 |
| Aggregate Severity Rating | None | Important |
| Microsoft Visual Basic for Applications | Not applicable | Microsoft Visual Basic for Applications[1] |
| (KB2688865) | ||
| (Important) | ||
| Microsoft Visual Basic for Applications SDK | Not applicable | Microsoft Visual Basic for Applications SDK[2][3] |
| (Important) | ||
Notes for MS12-043
See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category.
[1]The security updates for Microsoft XML Core Services 5.0 are unavailable at this time.
Notes for MS12-046
See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category.
[1]This update package applies to supported versions of the Microsoft Visual Basic for Applications runtime (Vbe6.dll) and is available from the Microsoft Download Center only.
[2]The supported versions of the VBA SDK are Microsoft Visual Basic for Applications SDK 6.3, Microsoft Visual Basic for Applications SDK 6.4, and Microsoft Visual Basic for Applications SDK 6.5.
[3]The updated version of the Visual Basic for Applications SDK that addresses the vulnerability described in this bulletin is available for independent software vendors (ISVs) from the Summit Software Company.