Skip to content

Virtual Administrator’s April 2013 Patch Recommendations

9 Security Bulletins were released – 2 Critical, 7 Important, and 0 Moderate

Noteworthy Patch News

MS13-036 has been denied in all VA patch policies. All of the remaining patches have been approved.

MS13-028 is a cumulative update for Internet Explorer and MS13-29 is for RDP. They are rated Critical. After your next patch cycle completes you should follow up and make sure this is installed.

MS13-036 in detail

This bulletin contains KB2808735 and KB2823324. These are rated Important. While both have known issues, KB2823324 has serious problems – See: https://virtualadministrator.com/blog/problems-with-ms13-036kb-2823324-patch-do-not-install/. As a precaution we have denied both until Microsoft fixes them.

Microsoft Announcement posted 7:00 PM ET on 4/11/2013
“Microsoft is investigating behavior wherein systems may fail to recover from a reboot or applications fails to load after security update 2823324 is applied. Microsoft recommends that customers uninstall this update. As an added precaution, Microsoft has removed the download links to the 2823324 update while we investigate.”
http://support.microsoft.com/kb/2823324

Kaspersky and KB2823324: End points with KAV installed are almost guaranteed to have problems with KB2823324

If KB2823324 is installed you may experience one or both of these problems.

The chkdsk utility is launched after the computer is restarted upon KB2823324 update installation

-See: http://support.kaspersky.com/9750

“Your license is not valid. Protection disabled” message is displayed after installing KB2823324 update

-See: http://support.kaspersky.com/9751

No out-of-band updates were released during the last month.

This Month In Brief

Exploitability

Requires Restart

  • Servers: Yes
  • Workstations: Yes

New Security Bulletins

(MS#/Affected Software/Type)

CRITICAL

MS13-028 (Cumulative Security Update for Internet Explorer ) (Internet Explorer) These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
Details
KB in Kaseya: KB2817183
Affected Software: XP, Vista, Windows 7/8, Server 2012
Known Issues per MS: https://support.microsoft.com/kb/2817183
MS13-029 (Vulnerability in Remote Desktop Client Could Allow Remote Code Execution ) (Remote Desktop) The vulnerability could allow remote code execution if a user views a specially crafted webpage.
Details
KB in Kaseya: KB2813345, KB2813347
Affected Software: XP, Vista, Server 2003, Server 2008, Server 2008 R2, Windows 7
Known Issues per MS: None

IMPORTANT

MS13-030 ((SharePoint) The vulnerability could allow information disclosure if an attacker determined the address or location of a specific SharePoint list and gained access to the SharePoint site where the list is maintained.) (SharePoint) The vulnerability could allow information disclosure if an attacker determined the address or location of a specific SharePoint list and gained access to the SharePoint site where the list is maintained.
Details
KB in Kaseya: KB2737969
Affected Software: SharePoint Server 2013
Known Issues per MS: https://support.microsoft.com/kb/2827663
MS13-031 ((Windows Kernel) The vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application.) (Windows Kernel) The vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application.
Details
KB in Kaseya: KB2813170
Affected Software: XP, Vista, Windows 7/8, Server 2003, Server 2008/2008R2/2012
Known Issues per MS:
MS13-032 ((Active Directory) The vulnerability could allow denial of service if an attacker sends a specially crafted query to the Lightweight Directory Access Protocol (LDAP) service.) (Active Directory) The vulnerability could allow denial of service if an attacker sends a specially crafted query to the Lightweight Directory Access Protocol (LDAP) service.
Details
KB in Kaseya: KB2772930, KB2801109
Affected Software: XP, Vista, Windows 7/8, Server 2003, Server 2008/2008R2/2012
Known Issues per MS:
MS13-033 ((Client/Server Run-time Subsystem /CSRSS) The vulnerability could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application.) (Client/Server Run-time Subsystem /CSRSS) The vulnerability could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application.
Details
KB in Kaseya: KB2820917
Affected Software: XP, Vista, Server 2003, Server 2008
Known Issues per MS:
MS13-034 ((Microsoft Antimalware) The vulnerability could allow elevation of privilege due to the pathnames used by the Microsoft Antimalware Client.) (Microsoft Antimalware) The vulnerability could allow elevation of privilege due to the pathnames used by the Microsoft Antimalware Client.
Details
KB in Kaseya: KB2781197
Affected Software: Windows 8, Windows RT
Known Issues per MS:
MS13-035 ((HTML Sanitization) The vulnerability could allow elevation of privilege if an attacker sends specially crafted content to a user.) (HTML Sanitization) The vulnerability could allow elevation of privilege if an attacker sends specially crafted content to a user.
Details
KB in Kaseya: KB2687421, KB2687422, KB2687424, KB2760406, KB2760408, KB2760777, KB2810059
Affected Software: SharePoint Foundation 2010,Groove Server 2010,Office Web Apps 2010,Office SharePoint Server 2010,SharePoint Server 2010,InfoPath 2010
Known Issues per MS: https://support.microsoft.com/kb/2821818
MS13-036 ((Windows kernel mode drivers) The most severe of these vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. ) (Windows kernel mode drivers) The most severe of these vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application.
Details
KB in Kaseya: KB2808735, KB2823324
Affected Software: XP, Vista, Windows 7/8/RT, Server 2003, Server 2008/2008R2/2012
Known Issues per MS: https://support.microsoft.com/kb/2829996
http://support.microsoft.com/kb/2823324
http://support.microsoft.com/kb/2839011
Scroll To Top