[新闻] 20120406,微软四月份安全补丁提前通知


大家好,我是 Richard Chen。

在此提前通知各位:微软计划于北京时间4月11日清晨发布6个安全补丁,共修复 Microsoft Windows, Microsoft Office, Internet Explorer, Forefront UAG 和 .NET Framework 中的11个安全漏洞。6个补丁的最高严重等级详见下图:

Bulletin ID Maximum Severity Rating and Vulnerability Impact Restart Requirement Affected Software
Bulletin 1 Critical
Remote Code Execution
Requires restart Microsoft Windows,
Internet Explorer
Bulletin 2 Critical
Remote Code Execution
Requires restart Microsoft Windows
Bulletin 3 Critical
Remote Code Execution
May require restart Microsoft Windows,
Microsoft .NET Framework
Bulletin 4 Critical
Remote Code Execution
May require restart Microsoft Office,
Microsoft SQL Server,
Microsoft Server Software,
Microsoft Developer Tools
Bulletin 5 Important
Information Disclosure
May require restart Microsoft Forefront United Access Gateway
Bulletin 6 Important
Remote Code Execution
May require restart Microsoft Office

按照受影响的操作系统分类如下:

Windows XP
Bulletin Identifier Bulletin 1 Bulletin 2 Bulletin 3
Aggregate Severity Rating Critical Critical Critical
Windows XP Service Pack 3 Internet Explorer 6
(Critical)

Internet Explorer 7
(Critical)

Internet Explorer 8
(Critical)
Windows XP Service Pack 3
(Critical)
Windows XP Service Pack 3
(Critical)
Windows XP Professional x64 Edition Service Pack 2 Internet Explorer 6
(Critical)

Internet Explorer 7
(Critical)

Internet Explorer 8
(Critical)
Windows XP Professional x64 Edition Service Pack 2
(Critical)
Windows XP Professional x64 Edition Service Pack 2
(Critical)
Windows Server 2003
Bulletin Identifier Bulletin 1 Bulletin 2 Bulletin 3
Aggregate Severity Rating Moderate Critical Critical
Windows Server 2003 Service Pack 2 Internet Explorer 6
(Moderate)

Internet Explorer 7
(Moderate)

Internet Explorer 8
(Moderate)
Windows Server 2003 Service Pack 2
(Critical)
Windows Server 2003 Service Pack 2
(Critical)
Windows Server 2003 x64 Edition Service Pack 2 Internet Explorer 6
(Moderate)

Internet Explorer 7
(Moderate)

Internet Explorer 8
(Moderate)
Windows Server 2003 x64 Edition Service Pack 2
(Critical)
Windows Server 2003 x64 Edition Service Pack 2
(Critical)
Windows Server 2003 with SP2 for Itanium-based Systems Internet Explorer 6
(Moderate)

Internet Explorer 7
(Moderate)
Windows Server 2003 with SP2 for Itanium-based Systems
(Critical)
Windows Server 2003 with SP2 for Itanium-based Systems
(Critical)
Windows Vista
Bulletin Identifier Bulletin 1 Bulletin 2 Bulletin 3
Aggregate Severity Rating Critical Critical Critical
Windows Vista Service Pack 2 Internet Explorer 7
(Critical)

Internet Explorer 8
(Critical)

Internet Explorer 9
(Critical)
Windows Vista Service Pack 2
(Critical)
Windows Vista Service Pack 2
(Critical)
Windows Vista x64 Edition Service Pack 2 Internet Explorer 7
(Critical)

Internet Explorer 8
(Critical)

Internet Explorer 9
(Critical)
Windows Vista x64 Edition Service Pack 2
(Critical)
Windows Vista x64 Edition Service Pack 2
(Critical)
Windows Server 2008
Bulletin Identifier Bulletin 1 Bulletin 2 Bulletin 3
Aggregate Severity Rating Moderate Critical Critical
Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 7**
(Moderate)

Internet Explorer 8**
(Moderate)

Internet Explorer 9**
(Moderate)
Windows Server 2008 for 32-bit Systems Service Pack 2*
(Critical)
Windows Server 2008 for 32-bit Systems Service Pack 2
(Critical)
Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 7**
(Moderate)

Internet Explorer 8**
(Moderate)

Internet Explorer 9**
(Moderate)
Windows Server 2008 for x64-based Systems Service Pack 2*
(Critical)
Windows Server 2008 for x64-based Systems Service Pack 2
(Critical)
Windows Server 2008 for Itanium-based Systems Service Pack 2 Internet Explorer 7
(Moderate)
Windows Server 2008 for Itanium-based Systems Service Pack 2
(Critical)
Windows Server 2008 for Itanium-based Systems Service Pack 2
(Critical)
Windows 7
Bulletin Identifier Bulletin 1 Bulletin 2 Bulletin 3
Aggregate Severity Rating Critical Critical Critical
Windows 7 for 32-bit Systems Internet Explorer 8
(Critical)

Internet Explorer 9
(Critical)
Windows 7 for 32-bit Systems
(Critical)
Windows 7 for 32-bit Systems
(Critical)
Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 8
(Critical)

Internet Explorer 9
(Critical)
Windows 7 for 32-bit Systems Service Pack 1
(Critical)
Windows 7 for 32-bit Systems Service Pack 1
(Critical)
Windows 7 for x64-based Systems Internet Explorer 8
(Critical)

Internet Explorer 9
(Critical)
Windows 7 for x64-based Systems
(Critical)
Windows 7 for x64-based Systems
(Critical)
Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 8
(Critical)

Internet Explorer 9
(Critical)
Windows 7 for x64-based Systems Service Pack 1
(Critical)
Windows 7 for x64-based Systems Service Pack 1
(Critical)
Windows Server 2008 R2
Bulletin Identifier Bulletin 1 Bulletin 2 Bulletin 3
Aggregate Severity Rating Moderate Critical Critical
Windows Server 2008 R2 for x64-based Systems Internet Explorer 8**
(Moderate)

Internet Explorer 9**
(Moderate)
Windows Server 2008 R2 for x64-based Systems*
(Critical)
Windows Server 2008 R2 for x64-based Systems*
(Critical)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 8**
(Moderate)

Internet Explorer 9**
(Moderate)
Windows Server 2008 R2 for x64-based Systems Service Pack 1*
(Critical)
Windows Server 2008 R2 for x64-based Systems Service Pack 1*
(Critical)
Windows Server 2008 R2 for Itanium-based Systems Internet Explorer 8
(Moderate)
Windows Server 2008 R2 for Itanium-based Systems
(Critical)
Windows Server 2008 R2 for Itanium-based Systems
(Critical)
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 Internet Explorer 8
(Moderate)
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
(Critical)
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
(Critical)

微软 Office 补丁相关信息:

Microsoft Office Suites and Components
Bulletin Identifier Bulletin 4 Bulletin 6
Aggregate Severity Rating Critical Important
Microsoft Office 2003 Service Pack 3 Microsoft Office 2003 Service Pack 3
(Critical)
Not applicable
Microsoft Office 2007 Service Pack 2 Microsoft Office 2007 Service Pack 2
(Critical)
Microsoft Office 2007 Service Pack 2
(Important)
Microsoft Office 2007 Service Pack 3 Microsoft Office 2007 Service Pack 3
(Critical)
Not applicable
Microsoft Office 2010 (32-bit editions) Microsoft Office 2010 (32-bit editions)
(Critical)
Not applicable
Microsoft Office 2010 Service Pack 1 (32-bit editions) Microsoft Office 2010 Service Pack 1 (32-bit editions)
(Critical)
Not applicable
Microsoft Office Web Components
Bulletin Identifier Bulletin 4 Bulletin 6
Aggregate Severity Rating Critical None
Microsoft Office 2003 Web Components Service Pack 3 Microsoft Office 2003 Web Components Service Pack 3
(Critical)
Not applicable
Other Microsoft Office Software
Bulletin Identifier Bulletin 4 Bulletin 6
Aggregate Severity Rating None Important
Microsoft Works 9 Not applicable Microsoft Works 9
(Important)
Microsoft Works 6–9 File Converter Not applicable Microsoft Works 6–9 File Converter
(Important)

Bulletin 4 的注释 : 本补丁影响多类软件。

微软服务器软件补丁相关信息:

Microsoft SQL Server
Bulletin Identifier Bulletin 4
Aggregate Severity Rating Critical
Microsoft SQL Server 2000 Service Pack 4 Microsoft SQL Server 2000 Service Pack 4
(Critical)
Microsoft SQL Server 2000 Analysis Services Service Pack 4 Microsoft SQL Server 2000 Analysis Services Service Pack 4
(Critical)
Microsoft SQL Server 2005 for 32-bit Systems Service Pack 4 Microsoft SQL Server 2005 for 32-bit Systems Service Pack 4
(Critical)
Microsoft SQL Server 2005 for Itanium-based Systems Service Pack 4 Microsoft SQL Server 2005 for Itanium-based Systems Service Pack 4
(Critical)
Microsoft SQL Server 2005 for x64-based Systems Service Pack 4 Microsoft SQL Server 2005 for x64-based Systems Service Pack 4
(Critical)
Microsoft SQL Server 2005 Express Edition with Advanced Services Service Pack 4 Microsoft SQL Server 2005 Express Edition with Advanced Services Service Pack 4
(Critical)
Microsoft SQL Server 2008 for 32-bit Systems Service Pack 2 Microsoft SQL Server 2008 for 32-bit Systems Service Pack 2
(Critical)
Microsoft SQL Server 2008 for 32-bit Systems Service Pack 3 Microsoft SQL Server 2008 for 32-bit Systems Service Pack 3
(Critical)
Microsoft SQL Server 2008 for x64-based Systems Service Pack 2 Microsoft SQL Server 2008 for x64-based Systems Service Pack 2
(Critical)
Microsoft SQL Server 2008 for x64-based Systems Service Pack 3 Microsoft SQL Server 2008 for x64-based Systems Service Pack 3
(Critical)
Microsoft SQL Server 2008 for Itanium-based Systems Service Pack 2 Microsoft SQL Server 2008 for Itanium-based Systems Service Pack 2
(Critical)
Microsoft SQL Server 2008 for Itanium-based Systems Service Pack 3 Microsoft SQL Server 2008 for Itanium-based Systems Service Pack 3
(Critical)
Microsoft SQL Server 2008 R2 for 32-bit Systems Microsoft SQL Server 2008 R2 for 32-bit Systems
(Critical)
Microsoft SQL Server 2008 R2 for x64-based Systems Microsoft SQL Server 2008 R2 for x64-based Systems
(Critical)
Microsoft SQL Server 2008 R2 for Itanium-based Systems Microsoft SQL Server 2008 R2 for Itanium-based Systems
(Critical)

Bulletin 4 的注释 : 本补丁影响多类软件。

Microsoft BizTalk Server
Bulletin Identifier Bulletin 4
Aggregate Severity Rating Critical
Microsoft BizTalk Server 2002 Service Pack 1 Microsoft BizTalk Server 2002 Service Pack 1
(Critical)
Microsoft Commerce Server
Bulletin Identifier Bulletin 4
Aggregate Severity Rating Critical
Microsoft Commerce Server 2002 Service Pack 4 Microsoft Commerce Server 2002 Service Pack 4
(Critical)
Microsoft Commerce Server 2007 Service Pack 2 Microsoft Commerce Server 2007 Service Pack 2
(Critical)
Microsoft Commerce Server 2009 Microsoft Commerce Server 2009
(Critical)
Microsoft Commerce Server 2009 R2 Microsoft Commerce Server 2009 R2
(Critical)

Bulletin 4 的注释 : 本补丁影响多类软件。

微软开发者工具与软件补丁相关信息:

Microsoft Visual FoxPro
Bulletin Identifier Bulletin 4
Aggregate Severity Rating Critical
Microsoft Visual FoxPro 8.0 Service Pack 1 Microsoft Visual FoxPro 8.0 Service Pack 1
(Critical)
Microsoft Visual FoxPro 9.0 Service Pack 2 Microsoft Visual FoxPro 9.0 Service Pack 2
(Critical)
Visual Basic
Bulletin Identifier Bulletin 4
Aggregate Severity Rating Critical
Visual Basic 6.0 Runtime Visual Basic 6.0 Runtime
(Critical)

Bulletin 4 的注释 : 本补丁影响多类软件。

微软远程访问软件补丁相关信息:

Microsoft Forefront Unified Access Gateway
Bulletin Identifier Bulletin 5
Aggregate Severity Rating Important
Microsoft Forefront Unified Access Gateway Microsoft Forefront Unified Access Gateway 2010 Service Pack 1
(Important)

Microsoft Forefront Unified Access Gateway 2010 Service Pack 1 Update 1
(Important)

以下为提前通知的文章全文(英文),请各位先行评估了解受影响的系统。

Microsoft Security Bulletin Advance Notification for April 2012:

http://technet.microsoft.com/en-us/security/bulletin/ms12-apr

谢谢!

Richard Chen

大中华区软件安全项目经理

Comments (0)

Skip to main content