MS12-059: Vulnerability in Microsoft Visio could allow remote code execution: August 14, 2012

2012-08-14T00:00:00
ID KB2733918
Type mskb
Reporter Microsoft
Modified 2012-12-11T21:02:56

Description

<html><body><p>Resolves a vulnerability in Microsoft Visio 2010 that could allow arbitrary code to run when a maliciously modified Visio file is opened.</p><h2></h2><div class="kb-notice-section section"><br/><a bookmark-id="appliestoproducts" href="#appliestoproducts" managed-link="" target="">View products that this article applies to.</a><span></span></div><h2>Introduction</h2><div class="kb-summary-section section">Microsoft has released security bulletin MS12-059. To view the complete security bulletin, go to one of the following Microsoft websites: <ul class="sbody-free_list"><li>Home users:<br/><div class="indent"><a href="http://www.microsoft.com/security/pc-security/bulletins/201208.aspx" id="kb-link-1" target="_self">http://www.microsoft.com/security/pc-security/bulletins/201208.aspx</a></div><span class="text-base">Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now: <div class="indent"><a href="http://update.microsoft.com/microsoftupdate" id="kb-link-2" target="_self">http://update.microsoft.com/microsoftupdate</a></div></li><li>IT professionals:<br/><div class="indent"><a href="http://technet.microsoft.com/security/bulletin/ms12-059" id="kb-link-3" target="_self">http://technet.microsoft.com/security/bulletin/MS12-059</a></div></li></ul></div><h2></h2><div class="kb-summary-section section"><h3 class="sbody-h3">How to obtain help and support for this security update</h3>Help installing updates: <a href="https://support.microsoft.com/ph/6527" id="kb-link-4" target="_self">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals: <a href="http://technet.microsoft.com/security/bb980617.aspx" id="kb-link-5" target="_self">TechNet Security Troubleshooting and Support</a><br/><br/>Help protect your computer that is running Windows from viruses and malware: <a href="https://support.microsoft.com/contactus/cu_sc_virsec_master" id="kb-link-6" target="_self">Virus Solution and Security Center</a><br/><br/>Local support according to your country: <a href="https://support.microsoft.com/common/international.aspx" id="kb-link-7" target="_self">International Support</a></div><h2></h2><div class="kb-moreinformation-section section"><h3 class="sbody-h3">Frequently asked questions (FAQs) about this security update</h3><h4 class="sbody-h4">Why was this bulletin revised on December 11, 2012? </h4>Microsoft revised this bulletin to offer the rerelease of security update 2687508 for Visio 2010. This revision addresses an issue with specific digital certificates that were generated by Microsoft without the correct time stamp attributes. For more information, see <a href="http://technet.microsoft.com/security/advisory/2749655" id="kb-link-8" target="_self">Microsoft Security Advisory 2749655</a>.<br/><h3 class="sbody-h3">More information about this security update</h3><h4 class="sbody-h4">Known issues and additional information about this security update</h4>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed below each article link. <br/><ul class="sbody-free_list"><li><a href="https://support.microsoft.com/en-us/help/2597171" id="kb-link-9">2597171 </a> MS12-059: Description of the security update for Visio 2010: August 14, 2012</li><li><a href="https://support.microsoft.com/en-us/help/2598287" id="kb-link-10">2598287 </a> MS12-059: Description of the security update for Visio 2010 Viewer: August 14, 2012</li><li><a href="https://support.microsoft.com/en-us/help/2687508" id="kb-link-11">2687508 </a> MS12-059: Description of the security update for Visio 2010: August 14, 2012</li></ul></div><h2></h2><div class="kb-summary-section section"><div class="faq-section" faq-section=""><div class="faq-panel"><div class="faq-panel-heading" faq-panel-heading=""><span class="link-expand-image"><span class="faq-chevron win-icon win-icon-ChevronUpSmall"></span></span><span class="bold btn-link link-expand-text"><span class="bold btn-link">File hash information</span></span></div><div class="faq-panel-body" faq-panel-body=""><span><div class="kb-collapsible kb-collapsible-collapsed"><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><td class="sbody-td"><span class="text-base">Publisher Filename</span></td><td class="sbody-td"><span class="text-base">SHA1</span></td><td class="sbody-td"><span class="text-base">SHA2</span></td></tr><tr class="sbody-tr"><td class="sbody-td">visio2010-kb2687508-fullfile-x64-glb.exe</td><td class="sbody-td">50C6DCD2DAB5F18F89F950A46B8B33562AB3B637</td><td class="sbody-td">015B1DB48A832461046FDEA27656D3BFF71325AA55E040A54F1A5CF2B6BCCA98</td></tr><tr class="sbody-tr"><td class="sbody-td">visio2010-kb2687508-fullfile-x86-glb.exe</td><td class="sbody-td">E988A34767371AABA42F9FD25D0EC663ED186E5B</td><td class="sbody-td">3E0328B010DEC1F2D551FFEB26CA298E25B669ADD3B377881EB332D8EF160040</td></tr><tr class="sbody-tr"><td class="sbody-td">visio2010-kb2597171-fullfile-x64-glb.exe</td><td class="sbody-td">0CE071D574E6BEA2C659BCF820BD338FB5382C72</td><td class="sbody-td">B8627B42C4DFBE4B48A1156C656144C3852AE95BE3C001176FEEF68852D8E3D2</td></tr><tr class="sbody-tr"><td class="sbody-td">visio2010-kb2597171-fullfile-x86-glb.exe</td><td class="sbody-td">F00768D3F3271BF4E9CD8A9DDDB133D9EE8F4EE3</td><td class="sbody-td">5E05C2F6FD0208B426C3D0EFBDDA49941C720D52063DC8FE75B200775C3BA6F7</td></tr><tr class="sbody-tr"><td class="sbody-td">vviewer2010-kb2598287-fullfile-x64-glb.exe</td><td class="sbody-td">CD962D04FAFCFD2E4FED792373A3A3F45D01A13B</td><td class="sbody-td">65B3856EF73B5EF3E277FDF8A0A2284664A61AAC3461754055130569B67C45C4</td></tr><tr class="sbody-tr"><td class="sbody-td">vviewer2010-kb2598287-fullfile-x86-glb.exe</td><td class="sbody-td">01D1B906F7733FCB497F1192008C5F54253EDCFE</td><td class="sbody-td">CEFB2CA7F5D18896A3DAFDDB4C2B371BC20F147D51887213E3E131E9A3B3E377</td></tr></table></div></div><br/></span></div></div></div></div><h2></h2><div class="kb-notice-section section"><a class="bookmark" id="appliestoproducts"></a><br/><h3 class="sbody-h3">Applies to</h3>This article applies to the following:<ul class="sbody-free_list"><li>Microsoft Visio 2010 Service Pack 1</li><li>Microsoft Visio 2010 Viewer Service Pack 1</li></ul></div></body></html>