MS12-060: Vulnerability in Windows common controls could allow remote code execution: August 14, 2012

Introduction

Microsoft has released security bulletin MS12-060. To view the complete security bulletin, go to one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

More Information

Frequently asked questions (FAQs) about this security update

Why was this bulletin revised on December 11, 2012?

Microsoft revised this bulletin to offer the rerelease of security update 2726929 for Office 2003 and Office 2003 Web Components. This revision addresses an issue with specific digital certificates that were generated by Microsoft without the correct time stamp attributes. For more information, see Microsoft Security Advisory 2749655.

More information about this update

The following articles contain additional information about this update as it relates to individual product versions. The articles may contain specific information about the individual updates such as download URLs, prerequisites, and command-line switches.
  • 983811 MS12-060: Description of the security update for SQL Server 2000 Service Pack 4 QFE: August 14, 2012
  • 983812 MS12-060: Description of the security update for SQL Server 2000 Service Pack 4 GDR: August 14, 2012
  • 983813 MS12-060: Description of the security update for SQL Server 2000 Analysis Services Service Pack 4 QFE: August 14, 2012
  • 2597986 MS12-060: Description of the security update for Office 2010: August 14, 2012

    Known issues in security update 2597986:
    • Windows Common Control-based embedded ActiveX controls may fail to load within pre-existing office documents, within third-party applications, and when you insert new controls in developer mode.
  • 2687441 MS12-060: Description of the security update for the 2007 Office system: August 14, 2012

    Known issues in security update 2687441:
    • Windows Common Control-based embedded ActiveX controls may fail to load within pre-existing office documents, within third-party applications, and when you insert new controls in developer mode.
  • 2687323 MS12-060: Description of the security update for Office 2003 and Office 2003 Web Components: August 14, 2012 
  • 2708437 MS12-060: Description of the security update for Visual Basic 6.0 Service Pack 6: August 14, 2012
  • 2708940 MS12-060: Description of the security update for Visual FoxPro 8.0 Service Pack 1: August 14, 2012
  • 2708941 MS12-060: Description of the security update for Visual FoxPro 9.0 Service Pack 2: August 14, 2012
  • 2711207 MS12-060: Description of the security update for Host Integration Server 2004 Service Pack 1: August 14, 2012
  • 2716389 MS12-060: Description of the security update for Commerce Server 2002: August 14, 2012
  • 2716390 MS12-060: Description of the security update for Commerce Server 2007: August 14, 2012
  • 2716392 MS12-060: Description of the security update for Commerce Server 2009: August 14, 2012
  • 2716393 MS12-060: Description of the security update for Commerce Server 2009 R2: August 14, 2012
  • 2726929  MS12-060: Description of the security update for Office 2003 and Office 2003 Web Components: August 14, 2012

    Known issues in security update 2726929:
    • Common Control-based embedded ActiveX controls may fail to load within pre-existing office documents, within third-party applications, and when you insert new controls in developer mode.
File hash information

Update replacement information

You can find update replacement information for each specific update in the Microsoft Knowledge Base articles that correspond to this update.

Applies to

This article applies to the following:
  • Microsoft Office 2010 Service Pack 1
  • 2007 Microsoft Office Suite Service Pack 3
  • 2007 Microsoft Office Suite Service Pack 2
  • Microsoft Office 2003 Service Pack 3
  • Microsoft Office 2003 Web Components Service Pack 3
  • Microsoft Visual Basic 6.0 Service Pack 6
  • Microsoft Visual FoxPro 8.0 Service Pack 1
  • Microsoft Visual FoxPro 9.0 Service Pack 2
  • Microsoft Host Integration Server 2004 Service Pack 1
  • Microsoft Commerce Server 2002
  • Microsoft Commerce Server 2007
  • Microsoft Commerce Server 2009
  • Microsoft Commerce Server 2009 R2
  • Microsoft SQL Server 2000 Analysis Services Service Pack 4
  • Microsoft SQL Server 2000 Service Pack 4
Properties

Article ID: 2720573 - Last Review: Sep 22, 2013 - Revision: 1

Feedback