Microsoft security bulletin for November 12 2013

Microsoft security bulletin for November 12 2013
Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).


Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

http://technet.microsoft.com/en-us/security/bulletin/ms13-nov

Critical (3)

Microsoft Security Bulletin MS13-088 - Critical

Cumulative Security Update for Internet Explorer (2888505)

Published: Tuesday, November 12, 2013
https://technet.microsoft.com/en-us/security/bulletin/ms13-088



Microsoft Security Bulletin MS13-089 - Critical

Vulnerability in Windows Graphics Device Interface Could Allow Remote Code Execution (2876331)

Published: Tuesday, November 12, 2013
https://technet.microsoft.com/en-us/security/bulletin/ms13-089


Microsoft Security Bulletin MS13-090 - Critical

Cumulative Security Update of ActiveX Kill Bits (2900986)

Published: Tuesday, November 12, 2013
https://technet.microsoft.com/en-us/security/bulletin/ms13-090



Important (5)


Microsoft Security Bulletin MS13-091 - Important

Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2885093)

Published: Tuesday, November 12, 2013
https://technet.microsoft.com/en-us/security/bulletin/ms13-091


Microsoft Security Bulletin MS13-092 - Important

Vulnerability in Hyper-V Could Allow Elevation of Privilege (2893986)

Published: Tuesday, November 12, 2013
https://technet.microsoft.com/en-us/security/bulletin/ms13-092


Microsoft Security Bulletin MS13-093 - Important

Vulnerability in Windows Ancillary Function Driver Could Allow Information Disclosure (2875783)

Published: Tuesday, November 12, 2013
https://technet.microsoft.com/en-us/security/bulletin/ms13-093


Microsoft Security Bulletin MS13-094 - Important

Vulnerability in Microsoft Outlook Could Allow Information Disclosure (2894514)

Published: Tuesday, November 12, 2013
http://technet.microsoft.com/en-us/security/bulletin/ms13-094


Microsoft Security Bulletin MS13-095 - Important

Vulnerability in Digital Signatures Could Allow Denial of Service (2868626)

Published: Tuesday, November 12, 2013
https://technet.microsoft.com/en-us/security/bulletin/ms13-095


Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

 

Microsoft Webcast: Information about the November 2013 Security Bulletin Release


Event ID:

1032557383

Starts: Wednesday, November 13, 2013 11:00 AM
Time zone: (GMT-08:00) Pacific Time (US & Canada)
Duration: 1 hour(s)


Language(s):

English.


Product(s):

computer security and information security.


Audience(s):

IT Decision Maker and IT Manager.


Join us for a brief overview of the technical details of this month's Microsoft security bulletins. We intend to address your concerns in this webcast. Therefore, Microsoft security experts devote most of this webcast to answering the questions that you ask.


Presented by:

Dustin Childs, Group Manager, Response Communications, Microsoft Corporation

and

TPD



Register now for the NOVEMBER Security Bulletin webcast.

 

MBSA 2.3 and the November 2013 Security Bulletin Webcast, Q&A, and Slide Deck

Today we’re publishing the November 2013 Security Bulletin Webcast Questions & Answers page. The majority of questions focused on the ActiveX Kill Bits bulletin (MS13-090) and the advisories. We also answered a few general questions that were not specific to any of this month’s updates, but that may be of interest.

We’ve discussed the Microsoft Baseline Security Analyzer (MBSA) tool in this and many other webcasts, and I’m happy to report version 2.3 is now available. This new version adds support for Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. However, Windows 2000 systems will no longer be supported by MBSA. If you aren’t familiar with the tool or would just like to know more about it, we encourage you to read the FAQ found on the Security TechCenter. Thanks also go out to everyone who participated in the public preview leading up to this release.
http://blogs.technet.com/b/msrc/arc...-bulletin-webcast-q-amp-a-and-slide-deck.aspx

 

Get security updates automatically




Ready to download the latest updates? Skip the details and go to Microsoft Update.



Turn on automatic updating in the control panel


You might already have automatic updating turned on. To find out, go to the Microsoft Update website. Windows Update in Control Panel will open and if automatic updating is not turned on you'll be guided through the steps to set it up. After that, all the latest security and performance improvements will be installed on your PC quickly and reliably.


Pay attention to Windows Update warnings


When you turn on automatic updating, most updates will download and install on their own. Sometimes Windows Update will need your input during an installation. In this case, you'll see an alert in the notification area at the far right of the taskbar—be sure to click it.


Make sure automatic updating is turned on in Windows 8


In Windows 8, Windows will turn on automatic updating during setup unless you choose to turn it off. To check this setting and turn on automatic updating, open the Search charm, enter Turn automatic updating on or off, and tap or click Settings to find it.


Other steps you can take to help protect your computer


■Make sure you have a firewall turned on and up-to-date antivirus and antispyware programs.
■Scan and clean your computer to remove malicious software.



End of support for Windows XP


Support is ending for some versions of Windows, and security updates will no longer be available for those versions. Find out what you need to do.


Technical information about security updates


If you are an IT professional or a system administrator, or if you’d like additional information about security updates, go to Security TechCenter or read the Microsoft Security Response Centre Blog.


http://www.microsoft.com/en-gb/security/pc-security/updates.aspx

 

Microsoft Security Advisory (2914486)

Vulnerability in Microsoft Windows Kernel Could Allow Elevation of Privilege

Published: Wednesday, November 27, 2013


Revisions
V1.0 (November 27, 2013): Advisory published.
https://technet.microsoft.com/en-us/security/advisory/2914486

 

Microsoft Security Advisory (2916652)

Improperly Issued Digital Certificates Could Allow Spoofing

Published: Monday, December 09, 2013

Revisions
V1.0 (December 9, 2013): Advisory published.
https://technet.microsoft.com/en-us/security/advisory/2916652