8 Security Bulletins were released – 4 Critical, 4 Important, and 0 Moderate
This Month In Brief
We have not uncovered any widespread problems with any of these patches and are releasing all of them.
MS13-080 is the top priority this month. It is a cumulative security update for Internet Explorer. It includes patches for two separate vulnerabilities that are currently being exploited in the wild. Many feel Microsoft should have released this as an out-of-band patch weeks ago. After your next patch cycle completes you should follow up and make sure this is installed.
Also take note of the “Known Issues” for MS13-081 (https://support.microsoft.com/kb/2870008). In particular “KB2884256 – USB devices may stop working.” and “KB2868038 – your audio playback device may be reset to use the system speaker.” This is a good reminder that your support staff should always be aware of the Patch Tuesday cycle and suspect patches first when troubleshooting “oddball” problems this time of the month.
No out-of-band updates were released during the last month.
Worth mentioning: This month marks the 10th anniversary of Patch Tuesday.
Exploitability
- Publically disclosed: MS13-080, MS13-082
- Being exploited: MS13-080
- Rated CRITICAL: MS13-080, MS13-081, MS13-082, MS13-083
- (The Severity Rating System: http://technet.microsoft.com/en-us/security/bulletin/rating)
Requires Restart
- Servers: Yes
- Workstations: Yes
New Security Bulletins
(MS#/Affected Software/Type)
CRITICAL
MS13-080 Cumulative Security Update for Internet Explorer (2879017) | (Internet Explorer) The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. |
|
MS13-081 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2870008) | (Kernel-Mode Drivers) The most severe of these vulnerabilities could allow remote code execution if a user views shared content that embeds OpenType or TrueType font files. |
|
MS13-082 Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2878890) | (.NET Framework) The most severe of the vulnerabilities could allow remote code execution if a user visits a website containing a specially crafted OpenType font (OTF) file using a browser capable of instantiating XBAP applications. |
|
MS13-083 Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2864058) | (Windows Common Control Library) The vulnerability could allow remote code execution if an attacker sends a specially crafted web request to an ASP.NET web application running on an affected system. |
IMPORTANT
MS13-084 Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2885089) | (SharePoint Server) The most severe vulnerability could allow remote code execution if a user opens a specially crafted Office file in an affected version of Microsoft SharePoint Server, Microsoft Office Services, or Web Apps. |
|
MS13-085 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2885080) | (Excel) The vulnerabilities could allow remote code execution if a user opens a specially crafted Office file with an affected version of Microsoft Excel or other affected Microsoft Office software. |
|
MS13-086 Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2885084) | (Word) The vulnerabilities could allow remote code execution if a specially crafted file is opened in an affected version of Microsoft Word or other affected Microsoft Office software. |
|
MS13-087 Vulnerability in Silverlight Could Allow Information Disclosure (2890788) | (Silverlight) The vulnerability could allow information disclosure if an attacker hosts a website that contains a specially crafted Silverlight application that is designed to exploit this vulnerability and then convinces a user to view the website. |