Microsoft Security Bulletin(s) for January 8 2013

Discussion in 'other security issues & news' started by NICK ADSL UK, Jan 8, 2013.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin(s) for January 8 2013
    Note: There may be latency issues due to replication, if the page does not display keep refreshing

    Today Microsoft released the following Security Bulletin(s).

    Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

    Bulletin Summary:
    http://technet.microsoft.com/en-us/security/bulletin/ms13-jan

    Critical (2)
    Microsoft Security Bulletin MS13-001
    Vulnerability in Windows Print Spooler Components Could Allow Remote Code Execution (2769369)
    http://go.microsoft.com/fwlink/?LinkId=273848

    Microsoft Security Bulletin MS13-002
    Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (2756145)
    http://go.microsoft.com/fwlink/?LinkId=264923

    Important (5)
    Microsoft Security Bulletin MS13-003
    Vulnerabilities in System Center Operations Manager Could Allow Elevation of Privilege (2748552)
    http://go.microsoft.com/fwlink/?LinkId=261863

    Microsoft Security Bulletin MS13-004
    Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2769324)
    http://go.microsoft.com/fwlink/?LinkId=268279

    Microsoft Security Bulletin MS13-005
    Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2778930)
    http://go.microsoft.com/fwlink/?LinkId=273826

    Microsoft Security Bulletin MS13-006
    Vulnerability in Microsoft Windows Could Allow Security Feature Bypass (2785220)
    http://go.microsoft.com/fwlink/?LinkId=273872

    Microsoft Security Bulletin MS13-007 -
    Vulnerability in Open Data Protocol Could Allow Denial of Service (2769327)
    http://go.microsoft.com/fwlink/?LinkId=268284


    Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.

    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

    Security Tool
    Find out if you are missing important Microsoft product updates by using MBSA.
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    TechNet Webcast: Information About the January 2013 Security Bulletin Release

    Event ID: 1032538623



    Language(s): English.


    Product(s): computer security and information security.


    Audience(s): IT Decision Maker, IT Implem_IT Generalist and IT Manager.


    Starts: Wednesday, January 09, 2013 11:00 AM
    Time zone: (GMT-08:00) Pacific Time (US & Canada)
    Duration: 1 hour(s)


    Join us for a brief overview of the technical details of this month's Microsoft security bulletins. We intend to address your concerns in this webcast. Therefore, Microsoft security experts devote most of this webcast to answering the questions that you ask.


    Presented by:

    Dustin Childs, Group Manager, Response Communications, Microsoft Corporation

    and

    TBD





    Register now for the January security bulletin webcast.
     
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Out of band for IE security issue
     
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft out-of-band security bulletin for January 2013

    Microsoft out-of-band security bulletin for January 2013
    Note: There may be latency issues due to replication, if the page does not display keep refreshing

    Today Microsoft released the following Security Bulletin(s).

    Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

    Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

    Bulletin Summary:
    http://technet.microsoft.com/en-us/security/bulletin/ms13-jan

    Critical (1)

    Security Update for Internet Explorer (2799329)

    This security update resolves one publicly disclosed vulnerability in Internet Explorer. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
    https://technet.microsoft.com/en-us/security/bulletin/ms13-008


    Important (0)


    Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

    If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.

    As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

    Security Tool
    Find out if you are missing important Microsoft product updates by using MBSA.
     
  6. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Re: Microsoft out-of-band security bulletin for January 2013

    TechNet Webcast: Information About the January Out of Band Security Bulletin Release

    Event ID: 1032541648


    Starts: Monday, January 14, 2013 1:00 PM
    Time zone: (GMT-08:00) Pacific Time (US & Canada)
    Duration: 1 hour(s)

    Language(s): English.




    Product(s): computer security and information security.



    Audience(s): IT Decision Maker, IT Implem_IT Generalist and IT Manager.



    Information about the January 2013 Out-of-Band Security Bulletin Webcast


    Presented by:

    Dustin Childs, Group Manager, Response Communications, Microsoft Corporation

    and

    Jonathan Ness, Security Development Manager, Microsoft Corporation


    Register now for the January Out of Band Security Bulletin Release Monday, January 14, 2013 1:00 PM webcast.
     
  7. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Re: Microsoft out-of-band security bulletin for January 2013

    Title: Microsoft Security Bulletin Re-Releases
    Issued: January 22, 2013
    ********************************************************************

    Summary
    =======
    The following bulletins have undergone a major revision increment.
    Please see the appropriate bulletin for more details.

    * MS13-004 - Important
    * MS13-jan


    Bulletin Information:
    =====================

    * MS13-004 - Important

    - http://technet.microsoft.com/security/bulletin/MS13-004
    - Reason for Revision: V2.0 (January 22, 2013): Bulletin
    rereleased to reoffer security update KB2756920 for Windows 7
    and Windows Server 2008 R2 to systems that are running in
    specific configurations known to have potential compatibility
    issues. Customers who are reoffered the update should
    reinstall this update. See the update FAQ for more
    information.
    - Originally posted: January 8, 2013
    - Updated: January 22, 2013
    - Bulletin Severity Rating: Important
    - Version: 2.0

    * MS13-jan

    - http://technet.microsoft.com/security/bulletin/ms12-jan
    - Reason for Revision: V3.0 (January 22, 2013): For MS13-004,
    bulletin rereleased to reoffer the KB2756920 update for
    Windows 7 and Windows Server 2008 R2 to systems that are
    running in specific configurations known to have potential
    compatibility issues. See the bulletin for more information.
    - Originally posted: January 8, 2013
    - Updated: January 22, 2013
    - Version: 3.0


    Other Information
    =================

    Follow us on Twitter for the latest information and updates:
    http://twitter.com/msftsecresponse

    Recognize and avoid fraudulent email to Microsoft customers:
    =============================================================
    If you receive an email message that claims to be distributing
    a Microsoft security update, it is a hoax that may contain
    malware or pointers to malicious websites. Microsoft does
    not distribute security updates via email.

    The Microsoft Security Response Center (MSRC) uses PGP to digitally
    sign all security notifications. However, it is not required to read
    security notifications, security bulletins, security advisories, or
    install security updates. You can obtain the MSRC public PGP key at
    https://technet.microsoft.com/security/bulletin/pgp.
     
  8. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Microsoft Security Bulletin Minor Revisions - Jan 30, 2013
    Summary
    =======
    The following bulletins have undergone a minor revision increment.
    Please see the appropriate bulletin for more details.

    * MS12-043
    * MS12-057
    * MS12-060

    Bulletin Information:
    =====================

    * MS12-043 - Critical
    http://technet.microsoft.com/security/bulletin/ms12-043
    - Reason for Revision: V4.1 (January 30, 2013): Clarified that
    customers with the KB2687324 and KB2596679 updates will be
    offered the KB2687627 and KB2687497 updates respectively for
    Microsoft XML Core Services 5.0. See the update FAQ for
    details.
    - Originally posted: July 10, 2012
    - Updated: January 30, 2013
    - Bulletin Severity Rating: Critical
    - Version: 4.1

    * MS12-057 - Important
    http://technet.microsoft.com/security/bulletin/ms12-057

    - Reason for Revision: V2.1 (January 30, 2013): Clarified
    that customers with the KB2553260 and KB2589322 updates
    will be offered the KB2687501 and KB2687510 updates
    respectively for Microsoft Office 2010 Service Pack 1.
    See the update FAQ for details.
    - Originally posted: August 14, 2012
    - Updated: January 30, 2013
    - Bulletin Severity Rating: Important
    - Version: 2.1

    * MS12-060 - Critical

    http://technet.microsoft.com/security/bulletin/ms12-060
    - Reason for Revision: V2.1 (January 30, 2013): Clarified
    that customers with the KB2687323 update will be offered
    the KB2726929 update for Windows common controls on all
    affected variants of Microsoft Office 2003, Microsoft Office
    2003 Web Components, and Microsoft SQL Server 2005.
    See the update FAQ for details.
    - Originally posted: August 14, 2012
    - Updated: January 30, 2013
    - Bulletin Severity Rating: Critical
    - Version: 2.1
     
Loading...
Thread Status:
Not open for further replies.