Skip to content

November 2013 Patch Recommendations

8 Security Bulletins were released – 3 Critical, 5 Important, and 0 Moderate

This Month In Brief

We have not uncovered any widespread problems with any of these patches and are releasing all of them.

MS13-090 is a zero day vulnerability reported a few days ago. This is an update for ActiveX Kill Bits and is already being actively exploited in the wild. Microsoft was already aware of the problem and had created and tested the fix. Make sure MS13-090 gets installed along with MS13-088 (a cumulative IE update) to Internet Explorer fully secured.

Also of interest is a second zero day flaw which remains unpatched. This vulnerability involving how Office handles .TIFF graphics files. Microsoft Security Advisory (2896666) – http://technet.microsoft.com/en-us/security/advisory/2896666 There is some debate over the urgency of this but we expect Microsoft to release and out-of-band before December’s Patch Tuesday. We will release the patch as soon as it becomes available as is our policy for out-of band patches.

No out-of-band updates were released during the last month.

Exploitability

Requires Restart

  • Servers: Yes
  • Workstations: Yes

New Security Bulletins

(MS#/Affected Software/Type)

CRITICAL

MS13-088 Cumulative Security Update for Internet Explorer (2888505) (Internet Explorer) The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
Details
KB in Kaseya: KB2888505
Affected Software: Internet Explorer
Known Issues per MS:
MS13-089 Vulnerability in Windows Graphics Device Interface Could Allow Remote Code Execution (2876331) (WordPad) The vulnerability could allow remote code execution if a user views or opens a specially crafted Windows Write file in WordPad.
Details
KB in Kaseya: KB2876331
Affected Software: XP, Vista, Windows 7/8, Server 2003, Server 2008/2008R2/2012, Windows RT
Known Issues per MS:
MS13-090 Cumulative Security Update of ActiveX Kill Bits (2900986) (Internet Explorer) The vulnerability could allow remote code execution if a user views a specially crafted webpage with Internet Explorer, instantiating the ActiveX control.
Details
KB in Kaseya: KB2900986
Affected Software: XP, Vista, Windows 7/8, Windows RT
Known Issues per MS:

IMPORTANT

MS13-091 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2885093) (Microsoft Word) The vulnerabilities could allow remote code execution if a specially crafted WordPerfect document file is opened in an affected version of Microsoft Office software.
Details
KB in Kaseya: KB2553284, KB2760415, KB2760494, KB2760781, KB2768005
Affected Software: Office 2003, 2007, 2010, 2013, 2013 RT
Known Issues per MS:
MS13-092 Vulnerability in Hyper-V Could Allow Elevation of Privilege (2893986) (Hyper-V) The vulnerability could allow elevation of privilege if an attacker passes a specially crafted function parameter in a hypercall from an existing running virtual machine to the hypervisor.
Details
KB in Kaseya: KB2893986
Affected Software: Windows 8, Server 2008
Known Issues per MS:
MS13-093 Vulnerability in Windows Ancillary Function Driver Could Allow Information Disclosure (2875783) (Windows Kernel) The vulnerability could allow information disclosure if an attacker logs on to an affected system as a local user, and runs a specially crafted application on the system that is designed to enable the attacker to obtain information from a higher-privileged account.
Details
KB in Kaseya: KB2875783
Affected Software: XP, Windows 7/8, Server 2003, Server 2008/2008R2/2012
Known Issues per MS:
MS13-094 Vulnerability in Microsoft Outlook Could Allow Information Disclosure (2894514) (Outlook) The vulnerability could allow information disclosure if a user opens or previews a specially crafted email message using an affected edition of Microsoft Outlook.
Details
KB in Kaseya: KB2825644, KB2837597, KB2837618
Affected Software: Office 2007, 2010, 2013, 2013 RT
Known Issues per MS: https://support.microsoft.com/kb/2894514
MS13-095 Vulnerability in Digital Signatures Could Allow Denial of Service (2868626) (Windows) The vulnerability could allow denial of service when an affected web service processes a specially crafted X.509 certificate.
Details
KB in Kaseya: KB2868626
Affected Software: XP, Vista, Windows 7/8, Server 2003, Server 2008/2008R2/2012, Windows RT
Known Issues per MS:
Scroll To Top