On March 15, we became aware of public proof-of-concept code that results in denial of service for the issue addressed by MS12-020, which we released Tuesday.
We continue to watch the threat landscape and we are not aware of public proof-of-concept code that results in remote code execution.
We recommend customers deploy MS12-020 as soon as possible, as this security update protects against attempts to exploit CVE-2012-0002. Additionally we have offered a one-click Fix It to help mitigate risk for those customers who need time to test the update before deploying it.
The details of the proof-of-concept code appear to match the vulnerability information shared with Microsoft Active Protections Program (MAPP) partners. Microsoft is actively investigating the disclosure of these details and will take the necessary actions to protect customers and ensure that confidential information we share is protected pursuant to our contracts and program requirements.
Customers who have deployed MS12-020 are protected from attempts to exploit CVE-2012-0002.
Consistent with the charter of the MAPP program, we released details related to the vulnerabilities addressed in MS12-020 to MAPP partners under a strict Non-Disclosure Agreement in advance of releasing the security bulletin. Security software partners use this type of information to build enhanced customer protections that, in many cases, provide customers with more time to make optimal deployment decisions for their environments. More information about the MAPP program can be found here: http://www.microsoft.com/security/msrc/whatwedo/securitycollaboration.aspx
Director, Trustworthy Computing