Microsoft security bulletin for October 8 2013

Discussion in 'other security issues & news' started by NICK ADSL UK, Oct 8, 2013.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,505
    Location:
    UK
    Microsoft security bulletin for October 8 2013
    Note: There may be latency issues due to replication, if the page does not display keep refreshing

    Today Microsoft released the following Security Bulletin(s).
    http://technet.microsoft.com/en-us/security/bulletin/ms13-oct

    Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

    Bulletin Summary:

    Critical (4)
    Microsoft Security Bulletin MS13-080
    Cumulative Security Update for Internet Explorer (2879017)
    http://technet.microsoft.com/en-us/security/bulletin/ms13-080

    Microsoft Security Bulletin MS13-081
    Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (287000:cool:
    http://technet.microsoft.com/en-us/security/bulletin/ms13-081

    Microsoft Security Bulletin MS13-082
    Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2878890)
    http://technet.microsoft.com/en-us/security/bulletin/ms13-082

    Microsoft Security Bulletin MS13-083
    Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (286405:cool:
    http://technet.microsoft.com/en-us/security/bulletin/ms13-083





    Important (4)
    Microsoft Security Bulletin MS13-084
    Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2885089)
    http://technet.microsoft.com/en-us/security/bulletin/ms13-084

    Microsoft Security Bulletin MS13-085
    Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2885080)
    http://technet.microsoft.com/en-us/security/bulletin/ms13-085

    Microsoft Security Bulletin MS13-086
    Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2885084)
    http://technet.microsoft.com/en-us/security/bulletin/ms13-086

    Microsoft Security Bulletin MS13-087
    Vulnerability in Silverlight Could Allow Information Disclosure (289078:cool:
    http://technet.microsoft.com/en-us/security/bulletin/ms13-087


    Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.

    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

    Security Tool
    Find out if you are missing important Microsoft product updates by using MBSA.
     
    NICK ADSL UK, Oct 8, 2013
    #1
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,505
    Location:
    UK
    Microsoft Webcast: Information about the October 2013 Security Bulletin Release

    Event ID:

    1032557381

    Starts: Wednesday, October 09, 2013 11:00 AM
    Time zone: (GMT-08:00) Pacific Time (US & Canada)
    Duration: 1 hour(s)


    Language(s):

    English.



    Product(s):

    computer security and information security.



    Audience(s):

    IT Decision Maker and IT Manager.


    Join us for a brief overview of the technical details of this month's Microsoft security bulletins. We intend to address your concerns in this webcast. Therefore, Microsoft security experts devote most of this webcast to answering the questions that you ask.


    Presented by:

    Dustin Childs, Group Manager, Response Communications, Microsoft Corporation

    and


    Jonathan Ness, Security Development Manager, Microsoft Corporation



    Register now for the october Security Bulletin webcast.
     
    NICK ADSL UK, Oct 8, 2013
    #2
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,505
    Location:
    UK
    Microsoft Security Bulletin Minor Revisions - Oct 10, 2013

    Summary

    The following bulletins have undergone minor revision increments.
    Please see the bulletins for more details.

    * MS13-080
    * MS13-082
    * MS13-oct

    Bulletin Information:

    * MS13-080 - Critical

    https://technet.microsoft.com/security/bulletin/ms13-080
    - Reason for Revision: V1.3 (October 10, 2013): Bulletin
    revised to remove CVE-2013-3871 from the vulnerabilities
    addressed by this update. Including this CVE in the
    original security bulletin text was a documentation error.
    CVE-2013-3871 is scheduled to be addressed in a future
    security update. This is an informational change only.
    Customers who have already successfully updated their
    systems do not need to take any action.
    - Originally posted: October 8, 2013
    - Updated: October 10, 2013
    - Bulletin Severity Rating: Critical
    - Version: 1.3

    * MS13-082 - Critical

    https://technet.microsoft.com/security/bulletin/ms13-082
    - Reason for Revision: V1.1 (October 10, 2013): Bulletin
    revised to indicate that Server Core installations of
    Windows Server 2012 are affected by the vulnerability
    addressed in the 2861194 update. This is an informational
    change only. There were no changes to the detection logic
    or the security update files. Customers who have already
    successfully updated their systems do not need to take
    any action.
    - Originally posted: October 8, 2013
    - Updated: October 10, 2013
    - Bulletin Severity Rating: Critical
    - Version: 1.1

    * MS13-oct

    https://technet.microsoft.com/security/bulletin/ms13-oct
    - Reason for Revision: V1.1 (October 10, 2013): For MS13-080,
    removed Exploitability Assessment in the Exploitability
    Index for CVE-2013-3871. Including this CVE in the original
    Exploitability Index was a documentation error. CVE-2013-
    3871 is scheduled to be addressed in a future security
    update. This is an informational change only. For MS13-082,
    revised bulletin to indicate that Server Core installations
    of Windows Server 2012 are affected by the vulnerability
    addressed in the 2861194 update. There were no changes to
    the detection logic or the security update files. Customers
    who have already successfully updated their systems do not
    need to take any action.
    - Originally posted: October 8, 2013
    - Updated: October 10, 2013
    - Version: 1.1
    --
     
    NICK ADSL UK, Oct 14, 2013
    #3
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...