Microsoft Security Bulletin(s) for February 12, 2013

Discussion in 'other security issues & news' started by NICK ADSL UK, Feb 12, 2013.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin(s) for February 12, 2013
    Note: There may be latency issues due to replication, if the page does not display keep refreshing

    Today Microsoft released the following Security Bulletin(s).

    Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

    Bulletin Summary:
    http://technet.microsoft.com/en-us/security/bulletin/ms13-feb


    Critical (5)
    Microsoft Security Bulletin MS13-009
    Cumulative Security Update for Internet Explorer (2792100)
    http://technet.microsoft.com/en-us/security/bulletin/ms13-009

    Microsoft Security Bulletin MS13-010
    Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2797052)
    http://technet.microsoft.com/en-us/security/bulletin/ms13-010

    Microsoft Security Bulletin MS13-011
    Vulnerability in Media Decompression Could Allow Remote Code Execution (2780091)
    http://technet.microsoft.com/en-us/security/bulletin/ms13-011

    Microsoft Security Bulletin MS13-012
    Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2809279)
    http://technet.microsoft.com/en-us/security/bulletin/ms13-012

    Microsoft Security Bulletin MS13-020
    Vulnerability in OLE Automation Could Allow Remote Code Execution (280296:cool:
    http://technet.microsoft.com/en-us/security/bulletin/ms13-020


    Important (7)
    Microsoft Security Bulletin MS13-013
    Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution (2784242)
    http://technet.microsoft.com/en-us/security/bulletin/ms13-013

    Microsoft Security Bulletin MS13-014
    Vulnerability in NFS Server Could Allow Denial of Service (279097:cool:
    http://technet.microsoft.com/en-us/security/bulletin/ms13-014

    Microsoft Security Bulletin MS13-015
    Vulnerability in .NET Framework Could Allow Elevation of Privilege (2800277)
    http://technet.microsoft.com/en-us/security/bulletin/ms13-015

    Microsoft Security Bulletin MS13-016
    Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2778344)
    http://technet.microsoft.com/en-us/security/bulletin/ms13-016

    Microsoft Security Bulletin MS13-017
    Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2799494)
    http://technet.microsoft.com/en-us/security/bulletin/ms13-017

    Microsoft Security Bulletin MS13-018
    Vulnerability in TCP/IP Could Allow Denial of Service (2790655)
    http://technet.microsoft.com/en-us/security/bulletin/ms13-018

    Microsoft Security Bulletin MS13-019
    Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege (2790113)
    http://technet.microsoft.com/en-us/security/bulletin/ms13-019

    Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.

    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

    Security Tool
    Find out if you are missing important Microsoft product updates by using MBSA.
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    TechNet Webcast: Information About the February 2013 Security Bulletin Release

    Event ID: 1032538626

    Starts: Wednesday, February 13, 2013 11:00 AM
    Time zone: (GMT-08:00) Pacific Time (US & Canada)
    Duration: 1 hour(s)


    Language(s): English.


    Product(s): computer security and information security.


    Audience(s): IT Decision Maker, IT Implem_IT Generalist and IT Manager.


    Join us for a brief overview of the technical details of this month's Microsoft security bulletins. We intend to address your concerns in this webcast. Therefore, Microsoft security experts devote most of this webcast to answering the questions that you ask.


    Presented by:

    Dustin Childs, Group Manager, Response Communications, Microsoft Corporation

    and

    TBD



    Register now for the February Security Bulletin webcast.
     
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Minor Revisions - Feb 13, 2013
    Summary

    The following bulletins have undergone a minor revision increment.
    Please see the appropriate bulletin for more details.

    * MS13-012
    * MS13-020
    * MS13-feb

    Bulletin Information:

    * MS13-012 - Critical

    http://technet.microsoft.com/security/bulletin/ms13-012
    - Reason for Revision: V1.1 (February 13, 2013): Clarified that
    Microsoft Exchange Server 2010 Service Pack 3 is not affected
    by the vulnerabilities described in this bulletin. This is
    an informational change only.
    - Originally posted: February 12, 2013
    - Updated: February 13, 2013
    - Bulletin Severity Rating: Critical
    - Version: 1.1

    * MS13-020 - Critical

    http://technet.microsoft.com/security/bulletin/ms13-020
    - Reason for Revision: V1.1 (February 13, 2012): Clarified
    in the vulnerability FAQ what systems are primarily at risk
    for CVE-2013-1313. This is an informational change only.
    - Originally posted: February 12, 2013
    - Updated: February 13, 2013
    - Bulletin Severity Rating: Critical
    - Version: 1.1

    * MS13-feb

    http://technet.microsoft.com/security/bulletin/ms13-feb
    - Reason for Revision: V1.2 (February 13, 2013): For
    MS13-014, corrected the Exploitability Assessment for
    Latest Software Release in the Exploitability Index for
    CVE-2013-1281.
    - Originally posted: February 12, 2013
    - Updated: February 13, 2013
    - Version: 1.2
     
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Advisory (2755801)

    Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10

    Published: Friday, September 21, 2012 | Updated: Tuesday, February 26, 2013

    Version: 9.0


    General Information

    Executive Summary

    Microsoft is announcing the availability of an update for Adobe Flash Player in Internet Explorer 10 on all supported editions of Windows 8, Windows Server 2012, and Windows RT. The update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10.
    http://technet.microsoft.com/en-us/security/advisory/2755801
     
Loading...
Thread Status:
Not open for further replies.