MS12-036 – Critical : Vulnerability in Remote Desktop Could Allow Remote Code Execution (2685939) – Version: 1.1

Severity Rating: Critical
Revision Note: V1.1 (June 13, 2012): Added a workaround in the Vulnerability Information section that explains how to enable Network Level Authentication on Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2.
Summary: This security update resolves a privately reported vulnerability in the Remote Desktop Protocol. The vulnerability could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.

MS12-041 – Important : Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2709162) – Version: 1.0

Severity Rating: Important
Revision Note: V1.0 (June 12, 2012): Bulletin published.
Summary: This security update resolves five privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit any of these vulnerabilities.

MS12-029 – Critical : Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352) – Version: 1.2

Severity Rating: Critical
Revision Note: V1.2 (June 20, 2012): Added entries to the update FAQ to clarify that the updates for Microsoft Word 2003 Service Pack 3 (KB2598332) and Microsoft Word 2007 Service Pack 2 (KB2596917) include architecture updates for Office File Validation.
Summary: This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted RTF file. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.