Symantec Security Threatcon Status for 2012-07-04

On June 12, 2012, Microsoft released its scheduled patch update for June 2012. This month's update covers vulnerabilities in the Microsoft Windows operating system, Office, Internet Explorer, Dynamics AX, and .NET Framework. Seven security bulletins have been released to address these issues.

Of special note are the critical Internet Explorer vulnerabilities fixed in MS12-037 patch. These issues can be exploited for remote unauthenticated code-execution when a user views a specially crafted webpage using Internet Explorer. User accounts configured with minimal user rights are less impacted than users who operate with administrative user rights.

There have been confirmed reports of CVE-2012-1875 being exploited in the wild. Customers are advised to install all applicable updates as soon as possible.

Microsoft Security Bulletin Summary for June 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-jun

CVE-2012-1875 Exploited in the Wild - Part 1 (Trojan.Naid)
http://www.symantec.com/connect/blogs/cve-2012-1875-exploited-wild-part-1-trojannaid

CVE-2012-1875 in the Wild (Part 2) - Internet Explorer Gets Stumped
http://www.symantec.com/connect/blogs/cve-2012-1875-wild-part-2-internet-explorer-gets-stumped