MS Security Bulletin Summary - Jan 2013
FYI...
- http://technet.microsoft.com/en-us/s...letin/ms13-jan
Jan 08, 2013 - "This bulletin summary lists security bulletins released for January 2013...
(Total of -7-)
Microsoft Security Bulletin MS13-001 - Critical
Vulnerability in Windows Print Spooler Components Could Allow Remote Code Execution (2769369)
- http://technet.microsoft.com/en-us/s...letin/ms13-001
Critical - Remote Code Execution - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS13-002 - Critical
Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (2756145)
- http://technet.microsoft.com/en-us/s...letin/ms13-002
Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft Office, Microsoft Developer Tools, Microsoft Server Software
Microsoft Security Bulletin MS13-003 - Important
Vulnerabilities in System Center Operations Manager Could Allow Elevation of Privilege (2748552)
- http://technet.microsoft.com/en-us/s...letin/ms13-003
Important - Elevation of Privilege - Does not require restart - Microsoft Server Software
Microsoft Security Bulletin MS13-004 - Important
Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2769324)
- http://technet.microsoft.com/en-us/s...letin/ms13-004
Important - Elevation of Privilege - May require restart - Microsoft Windows, Microsoft .NET Framework
Microsoft Security Bulletin MS13-005 - Important
Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2778930)
- http://technet.microsoft.com/en-us/s...letin/ms13-005
Important - Elevation of Privilege - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS13-006 - Important
Vulnerability in Microsoft Windows Could Allow Security Feature Bypass (2785220)
- http://technet.microsoft.com/en-us/s...letin/ms13-006
Important - Security Feature Bypass - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS13-007 - Important
Vulnerability in Open Data Protocol Could Allow Denial of Service (2769327)
- http://technet.microsoft.com/en-us/s...letin/ms13-007
Important - Denial of Service - May require restart - Microsoft Windows, Microsoft .NET Framework
___
ISC Analysis
- https://isc.sans.edu/diary.html?storyid=14854
Last Updated: 2013-01-08 18:02:06 UTC
___
Bulletin Deployment Priority
> https://blogs.technet.com/cfs-filesy...Deployment.png
Severity and Exploitabilty Index
> https://blogs.technet.com/cfs-filesy...3-Severity.png
- http://blogs.technet.com/b/msrc/arch...edirected=true
8 Jan 2013
___
- https://secunia.com/advisories/51640/ - MS13-001
- https://secunia.com/advisories/51773/ - MS13-002
- https://secunia.com/advisories/51686/ - MS13-003
- https://secunia.com/advisories/51777/ - MS13-004
- https://secunia.com/advisories/51704/ - MS13-005
- https://secunia.com/advisories/51724/ - MS13-006
- https://secunia.com/advisories/51772/ - MS13-007
___
MSRT
- https://support.microsoft.com/?kbid=890830
Last Review: January 9, 2013 - Revision: 118.7
- http://www.microsoft.com/security/pc...-families.aspx
"... added in this release...
• Ganelp
• Lefgroo..."
- https://blogs.technet.com/b/mmpc/arc...edirected=true
8 Jan 2013
Download:
- https://www.microsoft.com/download/e...ylang=en&id=16
File Name: Windows-KB890830-V4.16.exe - 16.8 MB
- https://www.microsoft.com/download/e...s.aspx?id=9905
x64 version of MSRT:
File Name: Windows-KB890830-x64-V4.16.exe - 17.5 MB
.
Microsoft Security Advisories - 2013.01.08
FYI...
Microsoft Security Advisory (973811)
Extended Protection for Authentication
- http://technet.microsoft.com/en-us/s...dvisory/973811
• V1.14 (January 8, 2013): Updated the FAQ and Suggested Actions with information about attacks against NTLMv1 (NT LAN Manager version 1) and LAN Manager (LM) network authentication. Microsoft Fix it solutions for Windows XP and Windows Server 2003 are available to help protect against these attacks. Applying these Microsoft Fix it solutions enables NTLMv2 settings required for users to take advantage of Extended Protection for Authentication.
Microsoft Security Advisory (2755801)
Update for Vulnerabilities in Adobe Flash Player in IE 10
- http://technet.microsoft.com/en-us/s...visory/2755801
• V6.0 (January 8, 2013): Added KB2796096* to the Current update section.
* http://support.microsoft.com/kb/2796096
:fear::fear:
IE patch to be released 1.14.2013
FYI...
IE patch to be released 1.14.2013
- http://technet.microsoft.com/en-us/s...letin/ms13-jan
January 13, 2013 - Version: 2.0 - "This is an advance notification for one out-of-band security bulletin that Microsoft is intending to release on January 14, 2013. The bulletin addresses a security vulnerability in Internet Explorer..."
- https://blogs.technet.com/b/msrc/arc...edirected=true
"... We recommend that you install this update as soon as it is available. This update for Internet Explorer 6-8 will be made available through Windows Update and our other standard distribution channels. If you have automatic updates enabled on your PC, you won’t need to take any action. If you applied the Fix it released in Security Advisory 2794220, you won’t need to uninstall it before applying the security update..."
:fear:
MS13-008 - IEv6-8 Critical update released ...
FYI...
Microsoft Security Bulletin MS13-008 - Critical
Security Update for Internet Explorer (2799329)
- http://technet.microsoft.com/en-us/s...letin/ms13-008
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
Jan 14, 2013
:fear:
MS Security Advisories 2013.01.14
FYI...
Microsoft Security Advisory (2798897)
Fraudulent Digital Certificates Could Allow Spoofing
- http://technet.microsoft.com/en-us/s...visory/2798897
V1.1 (January 14, 2013): Corrected the disallowed certificate list effective date to "Monday, December 31, 2012 (or later)" in the FAQ entry, "After applying the update, how can I verify the certificates in the Microsoft Untrusted Certificates Store?"
Microsoft Security Advisory (2794220)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
- http://technet.microsoft.com/en-us/s...visory/2794220
V2.0 (January 14, 2013): Advisory updated to reflect publication of security bulletin.
MS13-008
:fear:
MS Security Bulletin Summary - February 2013
FYI...
- http://technet.microsoft.com/en-us/s...letin/ms13-feb
February 12, 2013 - "This bulletin summary lists security bulletins released for February 2013...
(Total of -12-)
Microsoft Security Bulletin MS13-009 - Critical
Cumulative Security Update for Internet Explorer (2792100)
- https://technet.microsoft.com/en-us/...letin/ms13-009
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
Microsoft Security Bulletin MS13-010 - Critical
Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2797052)
- https://technet.microsoft.com/en-us/...letin/ms13-010
Critical - Remote Code Execution - May require restart - Microsoft Windows, Internet Explorer
Microsoft Security Bulletin MS13-011 - Critical
Vulnerability in Media Decompression Could Allow Remote Code Execution (2780091)
- http://technet.microsoft.com/en-us/s...letin/ms13-011
Critical - Remote Code Execution - May require restart - Microsoft Windows
Microsoft Security Bulletin MS13-012 - Critical
Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2809279)
- http://technet.microsoft.com/en-us/s...letin/ms13-012
Critical - Remote Code Execution - May require restart - Microsoft Server Software
Microsoft Security Bulletin MS13-020 - Critical
Vulnerability in OLE Automation Could Allow Remote Code Execution (2802968)
- http://technet.microsoft.com/en-us/s...letin/ms13-020
Critical - Remote Code Execution - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS13-013 - Important
Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution (2784242)
- http://technet.microsoft.com/en-us/s...letin/ms13-013
Important - Remote Code Execution - May require restart Microsoft Office, Microsoft Server Software
Microsoft Security Bulletin MS13-014 - Important
Vulnerability in NFS Server Could Allow Denial of Service (2790978)
- http://technet.microsoft.com/en-us/s...letin/ms13-014
Important - Denial of Service - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS13-015 - Important
Vulnerability in .NET Framework Could Allow Elevation of Privilege (2800277)
- http://technet.microsoft.com/en-us/s...letin/ms13-015
Important - Elevation of Privilege - May require restart - Microsoft Windows, Microsoft .NET Framework
Microsoft Security Bulletin MS13-016 - Important
Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2778344)
- http://technet.microsoft.com/en-us/s...letin/ms13-016
Important - Elevation of Privilege - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS13-017 - Important
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2799494)
- http://technet.microsoft.com/en-us/s...letin/ms13-017
Important - Elevation of Privilege - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS13-018 - Important
Vulnerability in TCP/IP Could Allow Denial of Service (2790655)
- https://technet.microsoft.com/en-us/...letin/ms13-018
Important - Denial of Service - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS13-019 - Important
Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege (2790113)
- http://technet.microsoft.com/en-us/s...letin/ms13-019
Important - Elevation of Privilege - Requires restart - Microsoft Windows
___
Bulletin Deployment Priority
- https://blogs.technet.com/cfs-filesy..._2D00_-png.png
Severity and Exploitability Index
- https://blogs.technet.com/cfs-filesy..._2D00_-png.png
- http://blogs.technet.com/b/msrc/arch...edirected=true
"... 12 bulletins, five Critical-class and seven Important-class, addressing 57 vulnerabilities in Microsoft Windows, Office, Internet Explorer, Exchange and .NET Framework..."
___
ISC Analysis
- https://isc.sans.edu/diary.html?storyid=15142
Last Updated: 2013-02-13
- http://atlas.arbor.net/briefs/index#332003461
High Severity
Feb 13, 2013
Analysis: Many attackers are likely frustrated that their vulnerabilities have now been patched. However, those same attackers still have a significant window of opportunity because not everyone can, or will patch in a timely manner, as has been clearly demonstrated in the widespread use of commodity exploit kits as well as numerous targeted attacks that continue to reign in victims despite vulnerabilities being patched years ago in some cases. The most critical patches are for Internet Explorer, a major target for exploitation due to it's widespread use. Additional hardening in sensitive environments can help reduce the impact of exploitation attempts until patches can be deployed, and robust monitoring can help detect those exploit attempts to provide valuable security intelligence...
___
- https://secunia.com/advisories/52122/ - MS13-009
- https://secunia.com/advisories/52129/ - MS13-010
- https://secunia.com/advisories/52130/ - MS13-011
- https://secunia.com/advisories/52133/ - MS13-012
- https://secunia.com/advisories/52136/ - MS13-013
- https://secunia.com/advisories/52138/ - MS13-014
- https://secunia.com/advisories/52143/ - MS13-015
- https://secunia.com/advisories/52156/ - MS13-016
- https://secunia.com/advisories/52157/ - MS13-017
- https://secunia.com/advisories/52158/ - MS13-018
- https://secunia.com/advisories/52162/ - MS13-019
- https://secunia.com/advisories/52184/ - MS13-020
- https://secunia.com/advisories/52164/ - IE10 Flash
___
MSRT
- https://support.microsoft.com/?kbid=890830
Last Review: February 12, 2013 - Revision: 119.0
- http://www.microsoft.com/security/pc...-families.aspx
"... added in this release...
• Sirefef..."
Download:
- https://www.microsoft.com/download/e...ylang=en&id=16
File Name: Windows-KB890830-V4.17.exe - 17.6 MB
- https://www.microsoft.com/download/e...s.aspx?id=9905
x64 version of MSRT:
File Name: Windows-KB890830-x64-V4.17.exe - 18.3 MB
.
MS Security Bulletin Summary - March 2013
FYI...
- http://technet.microsoft.com/en-us/s...letin/ms13-mar
March 12, 2013 - "This bulletin summary lists security bulletins released for March 2013.
(Total of -7-)
Microsoft Security Bulletin MS13-021 - Critical
Cumulative Security Update for Internet Explorer (2809289)
- https://technet.microsoft.com/en-us/...letin/ms13-021
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
Microsoft Security Bulletin MS13-022 - Critical
Vulnerability in Silverlight Could Allow Remote Code Execution (2814124)
- http://technet.microsoft.com/en-us/s...letin/ms13-022
Critical - Remote Code Execution - Does not require restart - Microsoft Silverlight
Microsoft Security Bulletin MS13-023 - Critical
Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2801261)
- http://technet.microsoft.com/en-us/s...letin/ms13-023
Critical - Remote Code Execution - May require restart - Microsoft Office
Microsoft Security Bulletin MS13-024 - Critical
Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2780176)
- http://technet.microsoft.com/en-us/s...letin/ms13-024
Critical - Elevation of Privilege - May require restart - Microsoft Office, Microsoft Server Software
Microsoft Security Bulletin MS13-025 - Important
Vulnerability in Microsoft OneNote Could Allow Information Disclosure (2816264)
- http://technet.microsoft.com/en-us/s...letin/ms13-025
Important - Information Disclosure - May require restart - Microsoft Office
Microsoft Security Bulletin MS13-026 - Important
Vulnerability in Office Outlook for Mac Could Allow Information Disclosure (2813682)
- https://www.microsoft.com/technet/se...letin/MS13-026
Important - Information Disclosure - Does not require restart - Microsoft Office
Microsoft Security Bulletin MS13-027 - Important
Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege (2807986)
- http://technet.microsoft.com/en-us/s...letin/MS13-027
Important - Elevation of Privilege - Requires restart - Microsoft Windows
___
Bulletin Deployment Priority
- https://blogs.technet.com/cfs-filesy...1.DP-Slide.PNG
Severity and Exploitability index
- https://blogs.technet.com/cfs-filesy...rity-Slide.PNG
- https://blogs.technet.com/b/msrc/arc...edirected=true
12 Mar 2013
- https://blogs.technet.com/b/srd/arch...edirected=true
12 Mar 2013 - "... seven security bulletins addressing 20 CVE’s..."
- https://www.computerworld.com/s/arti...ial_USB_hijack
"... nine critical vulnerabilities in the bulletin MS13-021 for Internet Explorer. They affect -every- current version of Internet Explorer, versions 6 through 10..."
___
ISC Analysis
- https://isc.sans.edu/diary.html?storyid=15385
Last Updated: 2013-03-13 08:48:46 UTC
___
MSRT
- https://support.microsoft.com/?kbid=890830
Last Review: March 12, 2013 - Revision: 120.0
- http://www.microsoft.com/security/pc...-families.aspx
"... added in this release...
• Wecykler..."
- https://blogs.technet.com/b/mmpc/arc...edirected=true
11 Mar 2013
Download:
- https://www.microsoft.com/download/e...ylang=en&id=16
File Name: Windows-KB890830-V4.18.exe - 18.6 MB
- https://www.microsoft.com/download/e...s.aspx?id=9905
x64 version of MSRT:
File Name: Windows-KB890830-x64-V4.18.exe - 19.3 MB
.
Windows 7 SP1 to start rolling out on Windows Update
FYI...
Windows 7 SP1 to start rolling out on Windows Update
- http://blogs.windows.com/windows/b/b...ws-update.aspx
Mar 18, 2013 - "... Windows 7 RTM (with no service pack) will no longer be supported as of April 9th, 2013..."
:fear:
MS Security Advisory 2819682 ...
FYI...
Microsoft Security Advisory (2819682)
Security Updates for Microsoft Windows Store Applications
- http://technet.microsoft.com/en-us/s...visory/2819682
March 26, 2013 - "Microsoft is announcing the availability of security updates for Windows Store applications running on Windows 8, Windows RT, and Windows Server 2012 (Windows Server 2012 Server Core installations are not affected). The updates address vulnerabilities that are detailed in the Knowledge Base articles associated with each update..."
> http://support.microsoft.com/kb/2832006
March 26, 2013 - Revision: 1.0
Applies to:
Windows RT
Windows 8
Windows 8 Enterprise
Windows 8 Pro
Windows Server 2012 Datacenter
Windows Server 2012 Essentials
Windows Server 2012 Foundation
Windows Server 2012 Standard
___
- https://secunia.com/advisories/52779/
Release Date: 2013-03-27
Impact: Spoofing
Where: From remote...
Original Advisory:
- http://technet.microsoft.com/en-us/s...visory/2819682
- http://support.microsoft.com/kb/2832006
:fear: