9 Security Bulletins were released – 2 Critical, 7 Important, and 0 Moderate
Noteworthy Patch News
MS13-036 has been denied in all VA patch policies. All of the remaining patches have been approved.
MS13-028 is a cumulative update for Internet Explorer and MS13-29 is for RDP. They are rated Critical. After your next patch cycle completes you should follow up and make sure this is installed.
MS13-036 in detail
This bulletin contains KB2808735 and KB2823324. These are rated Important. While both have known issues, KB2823324 has serious problems – See: https://virtualadministrator.com/blog/problems-with-ms13-036kb-2823324-patch-do-not-install/. As a precaution we have denied both until Microsoft fixes them.
Microsoft Announcement posted 7:00 PM ET on 4/11/2013
“Microsoft is investigating behavior wherein systems may fail to recover from a reboot or applications fails to load after security update 2823324 is applied. Microsoft recommends that customers uninstall this update. As an added precaution, Microsoft has removed the download links to the 2823324 update while we investigate.”
Kaspersky and KB2823324: End points with KAV installed are almost guaranteed to have problems with KB2823324
If KB2823324 is installed you may experience one or both of these problems.
The chkdsk utility is launched after the computer is restarted upon KB2823324 update installation
“Your license is not valid. Protection disabled” message is displayed after installing KB2823324 update
No out-of-band updates were released during the last month.
This Month In Brief
- Publically disclosed: MS13-030, MS13-036
- Being exploited: MS13-035
- Rated CRITICAL: MS13-028, MS13-029
- (The Severity Rating System: http://technet.microsoft.com/en-us/security/bulletin/rating )
- Servers: Yes
- Workstations: Yes
New Security Bulletins
|MS13-028 (Cumulative Security Update for Internet Explorer )||(Internet Explorer) These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
|MS13-029 (Vulnerability in Remote Desktop Client Could Allow Remote Code Execution )||(Remote Desktop) The vulnerability could allow remote code execution if a user views a specially crafted webpage.