13 Security Bulletins were released – 4 Critical, 9 Important, and 0 Moderate
This Month In Brief
KB2817630 (a non-security update for Microsoft Office 2013) has been denied in all patch policies. Details are below.
All security updates have been approved.
13 Security Bulletins makes this the largest Patch Tuesday of 2013 so far. On top of that, there are known reporting issues with MS13-072 and MS13-073.
Top priority for servers is SharePoint MS13-067. While this vulnerability is public, Microsoft reports it is difficult to exploit. MS13-068 and MS13-069 are fixes for Internet Explorer and Outlook. These apply to all versions of Internet Explorer and Outlook 2007/2010 and will consequently affect a large number of machines.
MS13-072 and MS13-073 were approved by VA because the installation problems do not affect the performance of the endpoints. KB2760411, KB2760588, and KB2760583 are parts of MS13-072 and MS13-073. In some cases they appear to be causing an installation loop. This is a reporting issue: the patches are installed, but they may be reported as missing. Hopefully Microsoft will resolve this shortly, but in the meantime do not be too concerned if these patches appear missing. You can check Add/Remove on the Kaseya Audit tab to verify they are installed.
Microsoft was slow to acknowledge this but finally posted:
“You may be repeatedly offered this update even though it is already installed. Microsoft is researching this problem and will post more information in this article when the information becomes available.”
MS13-073: Description of the security update for Microsoft Excel 2007 (xlconv-x-none.msp): September 10, 2013
MS13-072: Description of the security update for 2007 Office system (MSO): September 10, 2013
MS13-073: Description of the security update for Microsoft Office Excel 2007: September 10, 2013
This is a good thread for all the latest action – http://answers.microsoft.com/en-us/windows/forum/windows_7-windows_update/updates-trying-to-install-over-and-over-again/2a624908-f4b1-46d8-87ed-caa09674ff4f
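The installation loop described above can also be confirmed on the endpoint itself. The following PowerShell is an added example, not part of the original bulletin or of any Kaseya tooling: `Get-RepeatedInstall` and `Test-KbInAddRemove` are hypothetical helper names, the sample history is constructed, and the registry check assumes these updates record their KB number in the uninstall keys that Add/Remove reads.

```powershell
# KB numbers this bulletin lists as parts of MS13-072 / MS13-073.
$kbs = 'KB2760411', 'KB2760588', 'KB2760583'

function Get-RepeatedInstall {
    # Per KB: count history records where an install (Operation 1) succeeded
    # (ResultCode 2). More than one success means the update was offered again
    # after it was already installed, i.e. the loop described above.
    param([object[]]$History, [string[]]$Kb)
    foreach ($id in $Kb) {
        $ok = @($History | Where-Object {
            $_.Title -match "\b$id\b" -and $_.Operation -eq 1 -and $_.ResultCode -eq 2 })
        [pscustomobject]@{
            KB          = $id
            Successes   = $ok.Count
            Looping     = $ok.Count -gt 1
            LastSuccess = ($ok | Sort-Object Date | Select-Object -Last 1).Date
        }
    }
}

function Test-KbInAddRemove {
    # Assumption: the update registers a DisplayName containing its KB number
    # under the uninstall keys that Add/Remove Programs reads.
    param([string]$Kb)
    $paths = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
             'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    [bool](Get-ItemProperty -Path $paths -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -match "\b$Kb\b" })
}

# Constructed sample history (titles and dates are made up for illustration).
$sample = @(
    [pscustomobject]@{ Title = 'Sample update (KB2760411)'; Date = [datetime]'2013-09-11'; Operation = 1; ResultCode = 2 }
    [pscustomobject]@{ Title = 'Sample update (KB2760411)'; Date = [datetime]'2013-09-12'; Operation = 1; ResultCode = 2 }
    [pscustomobject]@{ Title = 'Sample update (KB2760588)'; Date = [datetime]'2013-09-11'; Operation = 1; ResultCode = 2 }
    [pscustomobject]@{ Title = 'Sample update (KB2760583)'; Date = [datetime]'2013-09-11'; Operation = 1; ResultCode = 4 }
)
Get-RepeatedInstall -History $sample -Kb $kbs | Format-Table -AutoSize

# On a live endpoint, use the Windows Update Agent history instead of $sample:
# $s = (New-Object -ComObject Microsoft.Update.Session).CreateUpdateSearcher()
# $live = $s.QueryHistory(0, $s.GetTotalHistoryCount())
# Get-RepeatedInstall -History $live -Kb $kbs
# $kbs | ForEach-Object { '{0} in Add/Remove: {1}' -f $_, (Test-KbInAddRemove $_) }
```

A KB that shows `Looping = True` and is also present in Add/Remove matches the reporting-only behaviour described above; a KB with zero successes is genuinely missing and should be treated as unpatched.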
Update for Microsoft Office 2013 (KB2817630): This update was removed by Microsoft within 3 hours of its release last Tuesday – “Outlook 2013 Folder Pane Disappears After Installing September 2013 Public Update” (http://blogs.technet.com/b/office_sustained_engineering/archive/2013/09/11/outlook-folder-pane-disappears-after-installing-september-2013-public-update.aspx)
If you have machines that are not configured to use Kaseya Patch Management and KB2817630 was installed, the above link offers guidance.
- Publicly disclosed: MS13-067
- Being exploited: None
- Rated CRITICAL: MS13-067, MS13-068, MS13-069, MS13-070
- (The Severity Rating System: http://technet.microsoft.com/en-us/security/bulletin/rating)
- Servers: Yes
- Workstations: Yes
New Security Bulletins
| Bulletin | Affected component and impact |
|---|---|
| MS13-067 Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2834052) | (SharePoint Server) The most severe vulnerability could allow remote code execution in the context of the W3WP service account if an attacker sends specially crafted content to the affected server. |
| MS13-068 Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (2756473) | (Outlook) The vulnerability could allow remote code execution if a user opens or previews a specially crafted email message using an affected edition of Microsoft Outlook. |
| MS13-069 Cumulative Security Update for Internet Explorer (2870699) | (Internet Explorer) The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. |
| MS13-070 Vulnerability in OLE Could Allow Remote Code Execution (2876217) | (OLE) The vulnerability could allow remote code execution if a user opens a file that contains a specially crafted OLE object. |
| MS13-071 Vulnerability in Windows Theme File Could Allow Remote Code Execution (2864063) | (Windows Theme File) The vulnerability could allow remote code execution if a user applies a specially crafted Windows theme on their system. |
| MS13-072 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2845537) | (Office) The most severe vulnerabilities could allow remote code execution if a specially crafted file is opened in an affected version of Microsoft Office software. |
| MS13-073 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2858300) | (Excel) The most severe vulnerabilities could allow remote code execution if a user opens a specially crafted Office file with an affected version of Microsoft Excel or other affected Microsoft Office software. |
| MS13-074 Vulnerabilities in Microsoft Access Could Allow Remote Code Execution (2848637) | (Access) The vulnerabilities could allow remote code execution if a user opens a specially crafted Access file with an affected version of Microsoft Access. |
| MS13-075 Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2878687) | (Office IME (Chinese)) The vulnerability could allow elevation of privilege if a logged on attacker launches Internet Explorer from the toolbar in Microsoft Pinyin IME for Simplified Chinese. |
| MS13-076 Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation of Privilege (2876315) | (Kernel-Mode Drivers) The vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. |
| MS13-077 Vulnerability in Windows Service Control Manager Could Allow Elevation of Privilege (2872339) | (Service Control Manager) The vulnerability could allow elevation of privilege if an attacker convinces an authenticated user to execute a specially crafted application. |
| MS13-078 Vulnerability in FrontPage Could Allow Information Disclosure (2825621) | (FrontPage) The vulnerability could allow information disclosure if a user opens a specially crafted FrontPage document. |
| MS13-079 Vulnerability in Active Directory Could Allow Denial of Service (2853587) | (Active Directory) The vulnerability could allow denial of service if an attacker sends a specially crafted query to the Lightweight Directory Access Protocol (LDAP) service. |