Microsoft Security Bulletin Advance Notification for June 2013

Five Bulletins, One Critical in Microsoft’s June Patch:

http://threatpost.com/five-bulletins-one-critical-in-microsofts-june-patch/

 

I'm reading that those that are subscribed to email notifications for this have not yet received this as of yet. Nor have I.

 

Microsoft Patch Tuesday - with or without 0-day patch?

http://www.h-online.com/security/ne...sday-with-or-without-0-day-patch-1884612.html

 

Microsoft announces five Bulletins for Patch Tuesday, including Office for Mac:

http://nakedsecurity.sophos.com/201...s-for-patch-tuesday-including-office-for-mac/

 

Should be a fairly busy patch Tuesday:
http://www.computerworld.com/s/article/9239883/Microsoft_to_tackle_under_attack_Office_bug_next_week

 

What a mess! I got Windows 7 x86, and it offered two Internet Explorer 10 updates, one being for x64 (Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2838727)).

At this page it mentions 32-bit as being vulnerable as well: -https://technet.microsoft.com/en-us/security/bulletin/ms13-047



The other IE10 update I got is KB2859903 (Update for Internet Explorer 10 for Windows 7 Service Pack 1 (KB2859903)), which apparently is for Windows Server 2008? -https://www.microsoft.com/en-us/download/details.aspx?id=39240

WTH

 

Report the issue to the MS Team:
http://answers.microsoft.com/en-us/windows/forum/windows_update

 

I'll pass. I don't use IE that often (and blocked most of the time as well), and I don't feel like registering to report anything, unless it was too serious.

I suppose the whole thing about PRISM is behind this confusion. lol

 

Thanks Ron and Nick!
I got 2839229 and 2838727 (and the Malic. Soft. Rem. Tool) on XP.

I have a question about 2808679. Not sure whether to start a new thread about that; I'll do it but I would (of course!) not have a problem if you would merge it here in this thread.

 

OK, I'll do that.

 

On my XP I saw that there was today an optional update 2808679.

http://support.microsoft.com/kb/2808679

Article ID: 2808679 - Last Review: June 11, 2013 - Revision: 2.0

I haven't yet installed it. I tend to do so.
But I would like to hear your opinions.
Thanks in advance!

Edit:
It's not completely clear to me. Maybe I haven't yet read it good enough.

 

Microsoft Patches IE Again; Ormandy Bug Waits:

http://threatpost.com/microsoft-patches-ie-again-ormandy-bug-waits/

 

Even if the KB for XP shows as optional user judgement should prevail as with Root Certs updates on XP also list as optional.

Go ahead and install it.

 

Updates applied to a Windows 7 32 bit machine - your mileage will vary.

MS13-051: Description of the security update for Office 2003 Service Pack 3: June 11, 2013
http://support.microsoft.com/kb/2817421

Microsoft Security Bulletin MS13-047 - Critical
Cumulative Security Update for Internet Explorer (2838727)
https://technet.microsoft.com/en-us/security/bulletin/ms13-047

Microsoft Security Advisory (2854544)
Update to Improve Cryptography and Digital Certificate Handling in Windows
https://technet.microsoft.com/en-us/security/advisory/2854544

Microsoft Security Bulletin MS13-048 - Important
Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229)
https://technet.microsoft.com/en-ca/security/bulletin/ms13-048

Microsoft Security Bulletin MS13-050 - Important
Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege (2839894)
https://technet.microsoft.com/en-us/security/bulletin/ms13-050

Microsoft Security Bulletin MS13-049 - Important
Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (2845690)
https://technet.microsoft.com/en-us/security/bulletin/ms13-049

Update for Internet Explorer 10 for Windows 7 and Windows Server 2008 R2
http://support.microsoft.com/kb/2859903

An update is available for the .NET Framework 3.5.1 on Windows 7 SP1 and Windows Server 2008 R2 SP1: June 2013
http://support.microsoft.com/kb/2836942

An update is available for the .NET Framework 3.5.1 on Windows 7 SP1 and Windows Server 2008 R2 SP1: June 2013
http://support.microsoft.com/kb/2836943

An update is available for the .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008R2: June 2013
http://support.microsoft.com/kb/2836939

Update that protects from internal URL port scanning is available for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012
http://support.microsoft.com/kb/2808679

"0x00000050" Stop error after you install update 2670838 on a computer that is running Windows 7 SP1 or Windows Server 2008 R2 SP1
http://support.microsoft.com/kb/2834140

Certain JPEG images cannot be displayed after you install update 2670838 on a Windows 7 SP1 or Windows Server 2008 R2 SP1-based computer
http://support.microsoft.com/kb/2836502

 

Patch Tuesday June 2013 - Office, Windows and Flash:

http://nakedsecurity.sophos.com/2013/06/11/patch-tuesday-june-2013-office-windows-and-flash/

 

Microsoft patches critical IE vulnerabilities and actively exploited Office flaw.
Patching the vulnerabilities in IE and Office should be a priority, security researchers said.

http://www.computerworld.com/s/arti..._actively_exploited_Office_flaw?taxonomyId=17

 

Those would have been:

Microsoft Security Bulletin MS13-051 - Important
Vulnerability in Microsoft Office Could Allow Remote Code Execution (2839571)
http://technet.microsoft.com/en-us/security/bulletin/ms13-051

Microsoft Security Bulletin MS13-047 - Critical
Cumulative Security Update for Internet Explorer (2838727)
https://technet.microsoft.com/en-us/security/bulletin/ms13-047

 

Patch Tuesday: And EVERY version of IE needs fixing AGAIN:

http://www.theregister.co.uk/2013/06/12/ms_june_patch_tuesday/

 

Those that are still using Windows XP:
http://blogs.windows.com/windows/b/...now-support-for-windows-xp-ends-now-what.aspx