«

»

Microsoft Patch Tuesday for July 2012

This bulletin summary lists security bulletins released for July 2012.
With the release of the security bulletins for July 2012, this bulletin summary replaces the bulletin advance notification originally issued July 5, 2012. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification.

The following table summarizes the security bulletins for this month in order of severity.
For details on affected software, see the next section, Affected Software and Download Locations.

Bulletin ID Bulletin Title and Executive Summary Maximum Severity Rating and Vulnerability Impact Restart Required Affected Software
MS12-043 Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2722479) Critical May require restart Microsoft Windows,
Remote Code Execution Microsoft Office,
This security update resolves a publicly disclosed vulnerability in Microsoft XML Core Services. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes the user to the attacker’s website. Microsoft Developer Tools,
Microsoft Server Software
MS12-044 Cumulative Security Update for Internet Explorer (2719177) Critical Requires restart Microsoft Windows,
Remote Code Execution Internet Explorer
This security update resolves two privately reported vulnerabilities in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS12-045 Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (2698365) Critical May require restart Microsoft Windows
Remote Code Execution
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views a specially crafted webpage. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS12-046 Vulnerability in Visual Basic for Applications Could Allow Remote Code Execution (2707960) Important May require restart Microsoft Office,
Remote Code Execution Microsoft Developer Tools
This security update resolves one publicly disclosed vulnerability in Microsoft Visual Basic for Applications. The vulnerability could allow remote code execution if a user opens a legitimate Microsoft Office file (such as a .docx file) that is located in the same directory as a specially crafted dynamic link library (DLL) file. An attacker could then install programs; view, change, or delete data; or create new accounts that have full user rights. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS12-047 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2718523) Important Requires restart Microsoft Windows
Elevation of Privilege
This security update resolves one publicly disclosed and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
MS12-048 Vulnerability in Windows Shell Could Allow Remote Code Execution (2691442) Important Requires restart Microsoft Windows
Remote Code Execution
This security update resolves one privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a file or directory with a specially crafted name. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS12-049 Vulnerability in TLS Could Allow Information Disclosure (2655992) Important Requires restart Microsoft Windows
Information Disclosure
This security update resolves a publicly disclosed vulnerability in TLS. The vulnerability could allow information disclosure if an attacker intercepts encrypted web traffic served from an affected system. All cipher suites that do not use CBC mode are not affected.
MS12-050 Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2695502) Important May require restart Microsoft Office,
Elevation of Privilege Microsoft Server Software
This security update resolves one publicly disclosed and five privately reported vulnerabilities in Microsoft SharePoint and Windows SharePoint Services. The most severe vulnerabilities could allow elevation of privilege if a user clicks a specially crafted URL that takes the user to a targeted SharePoint site.
MS12-051 Vulnerability in Microsoft Office for Mac Could Allow Elevation of Privilege (2721015)
This security update resolves one publicly disclosed vulnerability in Microsoft Office for Mac. The vulnerability could allow elevation of privilege if a malicious executable is placed on an affected system by an attacker, and then another user logs on later and runs the malicious executable. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.

Affected Software and Download Locations
The following tables list the bulletins in order of major software category and severity.
How do I use these tables?
Use these tables to learn about the security updates that you may need to install. You should review each software program or component listed to see whether any security updates pertain to your installation. If a software program or component is listed, then the available software update is hyperlinked and the severity rating of the software update is also listed.
Note You may have to install several security updates for a single vulnerability. Review the whole column for each bulletin identifier that is listed to verify the updates that you have to install, based on the programs or components that you have installed on your system.

Windows Operating System and Components

Windows XP
Bulletin Identifier MS12-043 MS12-044 MS12-045 MS12-047 MS12-048 MS12-049
Aggregate Severity Rating Critical None Critical Important Important Important
Windows XP Service Pack 3 Microsoft XML Core Services 3.0 Not applicable Microsoft Data Access Components 2.8 Service Pack 1 Windows XP Service Pack 3 Windows XP Service Pack 3 Windows XP Service Pack 3
(KB2719985) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Critical) (Critical) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Critical)
Microsoft XML Core Services 6.0
(KB2719985)
(Critical)
Windows XP Professional x64 Edition Service Pack 2 Microsoft XML Core Services 3.0 Not applicable Microsoft Data Access Components 2.8 Service Pack 2 Windows XP Professional x64 Edition Service Pack 2 Windows XP Professional x64 Edition Service Pack 2 Windows XP Professional x64 Edition Service Pack 2
(KB2719985) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Critical) (Critical) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Critical)
Microsoft XML Core Services 6.0
(KB2721693)
(Critical)
Windows Server 2003
Bulletin Identifier MS12-043 MS12-044 MS12-045 MS12-047 MS12-048 MS12-049
Aggregate Severity Rating Moderate None Moderate Important Important Important
Windows Server 2003 Service Pack 2 Microsoft XML Core Services 3.0 Not applicable Microsoft Data Access Components 2.8 Service Pack 2 Windows Server 2003 Service Pack 2 Windows Server 2003 Service Pack 2 Windows Server 2003 Service Pack 2
(KB2719985) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Moderate) (Moderate) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Moderate)
Microsoft XML Core Services 6.0
(KB2721693)
(Moderate)
Windows Server 2003 x64 Edition Service Pack 2 Microsoft XML Core Services 3.0 Not applicable Microsoft Data Access Components 2.8 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2
(KB2719985) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Moderate) (Moderate) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Moderate)
Microsoft XML Core Services 6.0
(KB2721693)
(Moderate)
Windows Server 2003 with SP2 for Itanium-based Systems Microsoft XML Core Services 3.0 Not applicable Microsoft Data Access Components 2.8 Service Pack 2 Windows Server 2003 with SP2 for Itanium-based Systems Windows Server 2003 with SP2 for Itanium-based Systems Windows Server 2003 with SP2 for Itanium-based Systems
(KB2719985) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Moderate) (Moderate) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Moderate)
Microsoft XML Core Services 6.0
(KB2721693)
(Moderate)
Windows Vista
Bulletin Identifier MS12-043 MS12-044 MS12-045 MS12-047 MS12-048 MS12-049
Aggregate Severity Rating Critical Critical Critical Important Important Important
Windows Vista Service Pack 2 Microsoft XML Core Services 3.0 Internet Explorer 9 Windows Data Access Components 6.0 Windows Vista Service Pack 2 Windows Vista Service Pack 2 Windows Vista Service Pack 2
(KB2719985) (KB2719177) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Critical) (Critical) (Critical) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Critical)
Microsoft XML Core Services 6.0
(KB2719985)
(Critical)
Windows Vista x64 Edition Service Pack 2 Microsoft XML Core Services 3.0 Internet Explorer 9 Windows Data Access Components 6.0 Windows Vista x64 Edition Service Pack 2 Windows Vista x64 Edition Service Pack 2 Windows Vista x64 Edition Service Pack 2
(KB2719985) (KB2719177) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Critical) (Critical) (Critical) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Critical)
Microsoft XML Core Services 6.0
(KB2719985)
(Critical)
Windows Server 2008
Bulletin Identifier MS12-043 MS12-044 MS12-045 MS12-047 MS12-048 MS12-049
Aggregate Severity Rating Moderate Moderate Moderate Important Important Important
Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft XML Core Services 3.0 Internet Explorer 9 Windows Data Access Components 6.0 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2
(KB2719985) (KB2719177) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Moderate) (Moderate) (Moderate) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Moderate)
Microsoft XML Core Services 6.0
(KB2719985)
(Moderate)
Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft XML Core Services 3.0 Internet Explorer 9 Windows Data Access Components 6.0 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2
(KB2719985) (KB2719177) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Moderate) (Moderate) (Moderate) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Moderate)
Microsoft XML Core Services 6.0
(KB2719985)
(Moderate)
Windows Server 2008 for Itanium-based Systems Service Pack 2 Microsoft XML Core Services 3.0 Not applicable Windows Data Access Components 6.0 Windows Server 2008 for Itanium-based Systems Service Pack 2 Windows Server 2008 for Itanium-based Systems Service Pack 2 Windows Server 2008 for Itanium-based Systems Service Pack 2
(KB2719985) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Moderate) (Moderate) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Moderate)
Microsoft XML Core Services 6.0
(KB2719985)
(Moderate)
Windows 7
Bulletin Identifier MS12-043 MS12-044 MS12-045 MS12-047 MS12-048 MS12-049
Aggregate Severity Rating Critical Critical Critical Important Important Important
Windows 7 for 32-bit Systems Microsoft XML Core Services 3.0 Internet Explorer 9 Windows Data Access Components 6.0 Windows 7 for 32-bit Systems Windows 7 for 32-bit Systems Windows 7 for 32-bit Systems
(KB2719985) (KB2719177) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Critical) (Critical) (Critical) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Critical)
Microsoft XML Core Services 6.0
(KB2719985)
(Critical)
Windows 7 for 32-bit Systems Service Pack 1 Microsoft XML Core Services 3.0 Internet Explorer 9 Windows Data Access Components 6.0 Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1
(KB2719985) (KB2719177) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Critical) (Critical) (Critical) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Critical)
Microsoft XML Core Services 6.0
(KB2719985)
(Critical)
Windows 7 for x64-based Systems Microsoft XML Core Services 3.0 Internet Explorer 9 Windows Data Access Components 6.0 Windows 7 for x64-based Systems Windows 7 for x64-based Systems Windows 7 for x64-based Systems
(KB2719985) (KB2719177) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Critical) (Critical) (Critical) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Critical)
Microsoft XML Core Services 6.0
(KB2719985)
(Critical)
Windows 7 for x64-based Systems Service Pack 1 Microsoft XML Core Services 3.0 Internet Explorer 9 Windows Data Access Components 6.0 Windows 7 for x64-based Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1
(KB2719985) (KB2719177) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Critical) (Critical) (Critical) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Critical)
Microsoft XML Core Services 6.0
(KB2719985)
(Critical)
Windows Server 2008 R2
Bulletin Identifier MS12-043 MS12-044 MS12-045 MS12-047 MS12-048 MS12-049
Aggregate Severity Rating Moderate Moderate Moderate Important Important Important
Windows Server 2008 R2 for x64-based Systems Microsoft XML Core Services 3.0 Internet Explorer 9 Windows Data Access Components 6.0 Windows Server 2008 R2 for x64-based Systems Windows Server 2008 R2 for x64-based Systems Windows Server 2008 R2 for x64-based Systems
(KB2719985) (KB2719177) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Moderate) (Moderate) (Moderate) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Moderate)
Microsoft XML Core Services 6.0
(KB2719985)
(Moderate)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft XML Core Services 3.0 Internet Explorer 9 Windows Data Access Components 6.0 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1
(KB2719985) (KB2719177) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Moderate) (Moderate) (Moderate) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Moderate)
Microsoft XML Core Services 6.0
(KB2719985)
(Moderate)
Windows Server 2008 R2 for Itanium-based Systems Microsoft XML Core Services 3.0 Not applicable Windows Data Access Components 6.0 Windows Server 2008 R2 for Itanium-based Systems Windows Server 2008 R2 for Itanium-based Systems Windows Server 2008 R2 for Itanium-based Systems
(KB2719985) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Moderate) (Moderate) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Moderate)
Microsoft XML Core Services 6.0
(KB2719985)
(Moderate)
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 Microsoft XML Core Services 3.0 Not applicable Windows Data Access Components 6.0 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
(KB2719985) (KB2698365) (KB2718523) (KB2691442) (KB2655992)
(Moderate) (Moderate) (Important) (Important) (Important)
Microsoft XML Core Services 4.0
(KB2721691)
(Moderate)
Microsoft XML Core Services 6.0
(KB2719985)
(Moderate)
Server Core installation option
Bulletin Identifier MS12-043 MS12-044 MS12-045 MS12-047 MS12-048 MS12-049
Aggregate Severity Rating None None None Important Important Important
Windows Server 2008 for 32-bit Systems Service Pack 2 Not applicable Not applicable Not applicable Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2
(KB2718523) (KB2691442) (KB2655992)
(Important) (Important) (Important)
Windows Server 2008 for x64-based Systems Service Pack 2 Not applicable Not applicable Not applicable Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2
(KB2718523) (KB2691442) (KB2655992)
(Important) (Important) (Important)
Windows Server 2008 R2 for x64-based Systems Not applicable Not applicable Not applicable Windows Server 2008 R2 for x64-based Systems Windows Server 2008 R2 for x64-based Systems Windows Server 2008 R2 for x64-based Systems
(KB2718523) (KB2691442) (KB2655992)
(Important) (Important) (Important)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 Not applicable Not applicable Not applicable Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1
(KB2718523) (KB2691442) (KB2655992)
(Important) (Important) (Important)
Note for MS12-043
See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category.
Top of section
Microsoft Office Suites and Software
Microsoft Office Suites and Components
Bulletin Identifier MS12-043 MS12-046 MS12-050 MS12-051
Aggregate Severity Rating Critical Important None None
Microsoft Office 2003 Service Pack 3 Microsoft XML Core Services 5.0[1] Microsoft Office 2003 Service Pack 3[1] Not applicable Not applicable
(Critical) (KB2598361)
(Important)
Microsoft Office 2007 Service Pack 2 Microsoft XML Core Services 5.0[1] Microsoft Office 2007 Service Pack 2[1] Not applicable Not applicable
(Critical) (KB2596744)
(Important)
Microsoft Office 2007 Service Pack 3 Microsoft XML Core Services 5.0[1] Microsoft Office 2007 Service Pack 3[1] Not applicable Not applicable
(Critical) (KB2596744)
(Important)
Microsoft Office 2010 (32-bit editions) Not applicable Microsoft Office 2010 (32-bit editions) Not applicable Not applicable
(KB2598243)
(Important)
Microsoft Office 2010 (32-bit editions)
(KB2553447)
(Important)
Microsoft Office 2010 Service Pack 1 (32-bit editions) Not applicable Microsoft Office 2010 Service Pack 1 (32-bit editions) Not applicable Not applicable
(KB2598243)
(Important)
Microsoft Office 2010 Service Pack 1 (32-bit editions)
(KB2553447)
(Important)
Microsoft Office 2010 (64-bit editions) Not applicable Microsoft Office 2010 (64-bit editions) Not applicable Not applicable
(KB2598243)
(Important)
Microsoft Office 2010 (64-bit editions)
(KB2553447)
(Important)
Microsoft Office 2010 Service Pack 1 (64-bit editions) Not applicable Microsoft Office 2010 Service Pack 1 (64-bit editions) Not applicable Not applicable
(KB2598243)
(Important)
Microsoft Office 2010 Service Pack 1 (64-bit editions)
(KB2553447)
(Important)
Microsoft Office for Mac
Bulletin Identifier MS12-043 MS12-046 MS12-050 MS12-051
Aggregate Severity Rating None None None Important
Microsoft Office for Mac 2011 Not applicable Not applicable Not applicable Microsoft Office for Mac 2011
(KB2721015)
(Important)
Other Microsoft Office Software
Bulletin Identifier MS12-043 MS12-046 MS12-050 MS12-051
Aggregate Severity Rating Critical None Important None
Microsoft Office Word Viewer Microsoft XML Core Services 5.0[1] Not applicable Not applicable Not applicable
(Critical)
Microsoft Office Compatibility Pack Service Pack 2 Microsoft XML Core Services 5.0[1] Not applicable Not applicable Not applicable
(Critical)
Microsoft Office Compatibility Pack Service Pack 3 Microsoft XML Core Services 5.0[1] Not applicable Not applicable Not applicable
(Critical)
Microsoft InfoPath 2007 Service Pack 2 Not applicable Not applicable Microsoft InfoPath 2007 Service Pack 2 Not applicable
(KB2596666)
(Important)
Microsoft InfoPath 2007 Service Pack 2
(KB2596786)
(Important)
Microsoft InfoPath 2007 Service Pack 3 Not applicable Not applicable Microsoft InfoPath 2007 Service Pack 3 Not applicable
(KB2596666)
(Important)
Microsoft InfoPath 2007 Service Pack 3
(KB2596786)
(Important)
Microsoft InfoPath 2010 (32-bit editions) Not applicable Not applicable Microsoft InfoPath 2010 (32-bit editions) Not applicable
(KB2553431)
(Important)
Microsoft InfoPath 2010 (32-bit editions)
(KB2553322)
(Important)
Microsoft InfoPath 2010 Service Pack 1 (32-bit editions) Not applicable Not applicable Microsoft InfoPath 2010 Service Pack 1 (32-bit editions) Not applicable
(KB2553431)
(Important)
Microsoft InfoPath 2010 Service Pack 1 (32-bit editions)
(KB2553322)
(Important)
Microsoft InfoPath 2010 (64-bit editions) Not applicable Not applicable Microsoft InfoPath 2010 (64-bit editions) Not applicable
(KB2553431)
(Important)
Microsoft InfoPath 2010 (64-bit editions)
(KB2553322)
(Important)
Microsoft InfoPath 2010 Service Pack 1 (64-bit editions) Not applicable Not applicable Microsoft InfoPath 2010 Service Pack 1 (64-bit editions) Not applicable
(KB2553431)
(Important)
Microsoft InfoPath 2010 Service Pack 1 (64-bit editions)
(KB2553322)
(Important)

Notes for MS12-043
See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category.
[1]The security updates for Microsoft XML Core Services 5.0 are unavailable at this time.
Notes for MS12-046
See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category.
[1]These updates for Microsoft Office apply to all supported Microsoft Office suites and other Microsoft Office software that contain the vulnerable shared Office component. These include, but are not limited to, supported versions of Microsoft Visio and Microsoft Project.
Note for MS12-050
See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category.
Top of section

Microsoft Server Software

Microsoft Office SharePoint Server
Bulletin Identifier MS12-043 MS12-050
Aggregate Severity Rating Critical Important
Microsoft Office SharePoint Server 2007 Service Pack 2 (32-bit editions) Microsoft XML Core Services 5.0[1] Microsoft Office SharePoint Server 2007 Service Pack 2 (coreserver) (32-bit editions)[1]
(Critical) (KB2596663)
(Important)
Microsoft Office SharePoint Server 2007 Service Pack 2 (xlsrvwfe) (32-bit editions)[1]
(KB2596942)
(Important)
Microsoft Office SharePoint Server 2007 Service Pack 3 (32-bit editions) Microsoft XML Core Services 5.0[1] Microsoft Office SharePoint Server 2007 Service Pack 3 (coreserver) (32-bit editions)[1]
(Critical) (KB2596663)
(Important)
Microsoft Office SharePoint Server 2007 Service Pack 3 (xlsrvwfe) (32-bit editions)[1]
(KB2596942)
(Important)
Microsoft Office SharePoint Server 2007 Service Pack 2 (64-bit editions) Microsoft XML Core Services 5.0[1] Microsoft Office SharePoint Server 2007 Service Pack 2 (coreserver) (64-bit editions)[1]
(Critical) (KB2596663)
(Important)
Microsoft Office SharePoint Server 2007 Service Pack 2 (xlsrvwfe) (64-bit editions)[1]
(KB2596942)
(Important)
Microsoft Office SharePoint Server 2007 Service Pack 3 (64-bit editions) Microsoft XML Core Services 5.0[1] Microsoft Office SharePoint Server 2007 Service Pack 3 (coreserver) (64-bit editions)[1]
(Critical) (KB2596663)
(Important)
Microsoft Office SharePoint Server 2007 Service Pack 2 (xlsrvwfe) (64-bit editions)[1]
(KB2596942)
(Important)
Microsoft SharePoint Server 2010 Not applicable Microsoft SharePoint Server 2010 (wosrv)
(KB2553424)
(Important)
Microsoft SharePoint Server 2010 (coreserverloc)
(KB2553194)
(Important)
Microsoft SharePoint Server 2010 Service Pack 1 Not applicable Microsoft SharePoint Server 2010 Service Pack 1 (wosrv)
(KB2553424)
(Important)
Microsoft SharePoint Server 2010 Service Pack 1 (coreserverloc)
(KB2553194)
(Important)
Microsoft Groove Server
Bulletin Identifier MS12-043 MS12-050
Aggregate Severity Rating Critical Important
Microsoft Groove Server 2007 Service Pack 2 Microsoft XML Core Services 5.0[1] Not applicable
(Critical)
Microsoft Groove Server 2007 Service Pack 3 Microsoft XML Core Services 5.0[1] Not applicable
(Critical)
Microsoft Groove Server 2010 Not applicable Microsoft Groove Server 2010
(KB2589325)
(Important)
Microsoft Groove Server 2010 Service Pack 1 Not applicable Microsoft Groove Server 2010 Service Pack 1
(KB2589325)
(Important)
Windows SharePoint Services and Microsoft SharePoint Foundation
Bulletin Identifier MS12-043 MS12-050
Aggregate Severity Rating None Important
Microsoft Windows SharePoint Services 3.0 Service Pack 2 (32-bit version) Not applicable Microsoft Windows SharePoint Services 3.0 Service Pack 2 (32-bit version)
(KB2596911)
(Important)
Microsoft Windows SharePoint Services 3.0 Service Pack 2 (64-bit version) Not applicable Microsoft Windows SharePoint Services 3.0 Service Pack 2 (64-bit version)
(KB2596911)
(Important)
Microsoft SharePoint Foundation 2010 Not applicable Microsoft SharePoint Foundation 2010
(KB2553365)
(Important)
Microsoft SharePoint Foundation 2010 Service Pack 1 Not applicable Microsoft SharePoint Foundation 2010 Service Pack 1
(KB2553365)
(Important)

Notes for MS12-043
See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category.
[1]The security updates for Microsoft XML Core Services 5.0 are unavailable at this time.
Notes for MS12-050
See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category.
[1]For supported editions of Microsoft Office SharePoint Server 2007, in addition to security update packages for Microsoft Office SharePoint 2007 (KB2596663 and KB2596942), customers also need to install the security update for Microsoft Windows SharePoint Services 3.0 (KB2596911) to be protected from the vulnerabilities described in this bulletin.

Microsoft Office Web Apps
Bulletin Identifier MS12-050
Aggregate Severity Rating Important
Microsoft Office Web Apps 2010 Microsoft Office Web Apps 2010
(KB2598239)
Microsoft Office Web Apps 2010 Service Pack 1 Microsoft Office Web Apps 2010 Service Pack 1
(KB2598239)

Note for MS12-050
See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category.

Microsoft Expression Web
Bulletin Identifier MS12-043 MS12-046
Aggregate Severity Rating Critical None
Microsoft Expression Web Service Pack 1 Microsoft XML Core Services 5.0[1] Not applicable
(Critical)
Microsoft Expression Web 2 Microsoft XML Core Services 5.0[1] Not applicable
(Critical)
Microsoft Visual Basic for Applications
Bulletin Identifier MS12-043 MS12-046
Aggregate Severity Rating None Important
Microsoft Visual Basic for Applications Not applicable Microsoft Visual Basic for Applications[1]
(KB2688865)
(Important)
Microsoft Visual Basic for Applications SDK Not applicable Microsoft Visual Basic for Applications SDK[2][3]
(Important)

Notes for MS12-043
See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category.
[1]The security updates for Microsoft XML Core Services 5.0 are unavailable at this time.
Notes for MS12-046
See also other software categories under this section, Affected Software and Download Locations, for more update files under the same bulletin identifier. This bulletin spans more than one software category.
[1]This update package applies to supported versions of the Microsoft Visual Basic for Applications runtime (Vbe6.dll) and is available from the Microsoft Download Center only.
[2]The supported versions of the VBA SDK are Microsoft Visual Basic for Applications SDK 6.3, Microsoft Visual Basic for Applications SDK 6.4, and Microsoft Visual Basic for Applications SDK 6.5.
[3]The updated version of the Visual Basic for Applications SDK that addresses the vulnerability described in this bulletin is available for independent software vendors (ISVs) from the Summit Software Company.