Patch Tuesday Wednesday (Sep-2013)

This month Microsoft have released thirteen (13) security bulletins of which four (4) have a maximum rating of Critical, and nine (9) have a maximum rating of Important.

This month we released 13 bulletins–four Critical and nine Important–which addressed 47 unique CVEs in Microsoft Windows, Office, Internet Explorer and SharePoint. For those who need to prioritize their deployment planning, we recommend focusing on MS13-067, MS13-068, and MS13-069 first. [1]

Bulletin KB number Description Impact / Severity Software
MS13-067 2834052 Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution Critical :
Remote Code Execution
Microsoft Office, Microsoft Server Software
MS13-068 2756473 Vulnerability in Microsoft Outlook Could Allow Remote Code Execution Critical :
Remote Code Execution
Microsoft Office
MS13-069 2870699 Cumulative Security Update for Internet Explorer Critical :
Remote Code Execution
Microsoft Windows, Internet Explorer
MS13-070 2876217 Vulnerability in OLE Could Allow Remote Code Execution Critical :
Remote Code Execution
Microsoft Windows
MS13-071 2864063 Vulnerability in Windows Theme File Could Allow Remote Code Execution Important :
Remote Code Execution
Microsoft Windows
MS13-072 2845537 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution Important :
Remote Code Execution
Microsoft Office
MS13-073 2858300 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution Important :
Remote Code Execution
Microsoft Office
MS13-074 2848637 Vulnerabilities in Microsoft Access Could Allow Remote Code Execution Important :
Remote Code Execution
Microsoft Office
MS13-075 2878687 Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege Important :
Elevation of Privilege
Microsoft Office
MS13-076 2876315 Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation of Privilege Important :
Elevation of Privilege
Microsoft Windows
MS13-077 2872339 Vulnerability in Windows Service Control Manager Could Allow Elevation of Privilege Important :
Elevation of Privilege
Microsoft Windows
MS13-078 2825621 Vulnerability in FrontPage Could Allow Information Disclosure Important :
Information Disclosure
Microsoft Office
MS13-079 2853587 Vulnerability in Active Directory Could Allow Denial of Service Important :
Denial of Service
Microsoft Windows

PATCH NOW:
* MS13-067 : SharePoint Server
* MS13-068 : Microsoft Outlook
* MS13-069 : Internet Explorer

ISSUES: [4]
There are several issues being reported with this month’s patches;
* KB2868116: Takes very long to install. Just sit back and wait (30-45 Minutes). This patch improves the content of warning messages, so it is somewhat security relevant, but does not patch an actual vulnerability.
* KB2817630: Causes Outlook to loose all folders. No workaround other then removing the patch. This was not a security patch.

Advertisements
This entry was posted in microsoft, Patch_Tuesday, security. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s