MS12-052 is a critical patch for four vulnerabilities in Internet Explorer 6, 7, and 8. This bulletin continues Microsoft’s monthly Internet Explorer patch cadence. It should be number one on organizations’ and consumers’ “must patch” list.
MS12-053, labeled as critical, patches yet another Remote Desktop Protocol (RDP) vulnerability, though Microsoft states that exploit code would be difficult to build for this bulletin. MS12-054, also labeled as critical, addresses four vulnerabilities relating to Windows Network Components. Microsoft says that exploit code is unlikely for these vulnerabilities. Both MS12-053 and MS12-054 should be mitigated by traditional perimeter defense measures such as firewalls.
MS12-058, labeled as critical, addresses a vulnerability that was introduced by Oracle Outside In, which is used as part of Exchange. It’s interesting that Microsoft labels this critical, while Oracle listed the vulnerability in its Critical Patch Update with a base score of 2.1, which is very low. After MS12-052, MS12-058 should be an organization's second priority to patch. It appears to be an excellent option for spear phishing attempts, since the server can be compromised simply by a legitimate user opening a malicious document in Outlook Web App (OWA). An attacker could then escalate privileges from there.
The last critical bulletin, MS12-060, addresses vulnerabilities in Windows common controls, which are used in a slew of productivity and business-related software such as Office and SQL Server. This bulletin could affect both businesses and consumers. Microsoft is aware of it being used as part of targeted attacks in the wild, which are unlikely to affect consumers; however, business and government organizations should deploy this patch as soon as possible.