Home > Microsoft Security > Microsoft Security Bulletin For May 14 2013

Microsoft Security Bulletin For May 14 2013

In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation If you are not automatically redirected, please click the link below. Windows Operating System and Components Windows XP Bulletin Identifier MS13-037 MS13-038 MS13-039 MS13-040 MS13-046 Aggregate Severity Rating Critical Critical None Important Important Windows XP Service Pack 3Internet Explorer 6 (2829530) (Critical)Internet Explorer The vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. http://worov.com/microsoft-security/microsoft-security-bulletin-for-april-9-2013.html

This can trigger incompatibilities and increase the time it takes to deploy security updates. Microsoft Baseline Security Analyzer The Microsoft Baseline Security Analyzer (MBSA) allows administrators to scan local and remote systems for missing security updates as well as common security misconfigurations. Important Elevation of PrivilegeRequires restartMicrosoft Windows Exploitability Index The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. Security Advisories and Bulletins Security Bulletin Summaries 2013 2013 MS13-MAY MS13-MAY MS13-MAY MS13-DEC MS13-NOV MS13-OCT MS13-SEP MS13-AUG MS13-JUL MS13-JUN MS13-MAY MS13-APR MS13-MAR MS13-FEB MS13-JAN TOC Collapse the table of content Expand

See the other tables in this section for additional affected software.   Microsoft Office Services and Web Apps Microsoft SharePoint Server 2010 Bulletin Identifier MS14-022 Aggregate Severity Rating Critical Microsoft SharePoint The TechNet Security TechCenter provides additional information about security in Microsoft products. See bulletin for details.

The content you requested has been removed. The Microsoft Update Catalog provides a searchable catalog of content made available through Windows Update and Microsoft Update, including security updates, drivers and service packs. I was watching the updates, and I think I was seeing 32 bit and 64 bit updates. Please try the request again.

Important SpoofingMay require restartMicrosoft Windows, Microsoft .NET Framework MS13-041 Vulnerability in Lync Could Allow Remote Code Execution (2834695) This security update resolves a privately reported vulnerability in Microsoft Lync. But all updates downloaded and installed. · actions · 2013-May-14 9:45 pm · DocDrewaka DrDrewPremium Memberjoin:2009-01-28SoCalARRIS TG1672ARRIS SB6141Linksys EA69004 edits

DocDrew to Mele20 Premium Member 2013-May-14 10:47 pm to Mele20That's funny.... The vulnerability could allow information disclosure if a user opens a specially crafted Visio file. How do I use these tables?

An attacker who successfully exploited the vulnerability could override Windows Writer proxy settings and overwrite files accessible to the user on the target system. Revisions V1.0 (May 1, 2014): Bulletin summary published. With the release of the security bulletins for April 2013, this bulletin summary replaces the bulletin advance notification originally issued April 4, 2013. MS Blocking Updates For Ryzen and Kaby [Microsoft] by Jackarino© DSLReports · Est.1999feedback · terms · Mobile mode

301 Moved Permanently The requested resource has been assigned a new permanent

Acknowledgments Microsoft thanks the following for working with us to help protect customers: MS13- 037 Jose Antonio Vazquez Gonzalez, working with VeriSign iDefense Labs, for reporting the Internet Explorer Use After Use these tables to learn about the security updates that you may need to install. Microsoft Baseline Security Analyzer (MBSA) lets administrators scan local and remote systems for missing security updates and common security misconfigurations. Other Information Microsoft Windows Malicious Software Removal Tool For the bulletin release that occurs on the second Tuesday of each month, Microsoft has released an updated version of the Microsoft Windows

Important Elevation of PrivilegeMay require restartMicrosoft Office, Microsoft Server Software MS13-036 Vulnerabilities in Kernel-Mode Driver Could Allow Elevation Of Privilege (2829996) This security update resolves three privately reported vulnerabilities and one publicly disclosed weblink The vulnerabilities are listed in order of bulletin ID then CVE ID. By using SMS, administrators can identify Windows-based systems that require security updates and to perform controlled deployment of these updates throughout the enterprise with minimal disruption to end users. Microsoft Security Bulletin Summary for May 2013 Published: May 14, 2013 | Updated: May 22, 2013 Version: 1.1 This bulletin summary lists security bulletins released for May 2013.

Review each of the assessments below, in accordance with your specific configuration, to prioritize your deployment of this month's updates. Important Information DisclosureMay require restartMicrosoft Office MS13-045 Vulnerability in Windows Essentials Could Allow Information Disclosure (2813707)   This security update resolves a privately reported vulnerability in Windows Essentials. This is an informational change only. navigate here MS13-045 Windows Essentials Improper URI Handling Vulnerability CVE-2013-0096 3 - Exploit code unlikely 3 - Exploit code unlikelyNot applicable(None) MS13-046 DirectX Graphics Kernel Subsystem Double Fetch Vulnerability CVE-2013-1332 2 - Exploit

Microsoft Security Bulletin Summary for May 2014 Published: May 1, 2014 | Updated: May 13, 2014 Version: 2.0 On this page Executive Summaries Exploitability Index Affected Software Detection and Deployment Tools ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Updates from Past Months for Windows Server Update Services.

For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification.

MS13-040 XML Digital Signature Spoofing Vulnerability CVE-2013-1336 Not applicableNot applicableNot applicableThis is a spoofing vulnerability. Windows Server Update Services By using Windows Server Update Services (WSUS), administrators can quickly and reliably deploy the latest critical updates and security updates for Microsoft Windows 2000 operating systems and Built at 2014-04-18T13:49:36Z-07:00 Show: Inherited Protected Print Export (0) Print Export (0) Share IN THIS ARTICLE Is this page helpful? Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

V2.0 (April 11, 2013): For MS13-036, removed the links to security update 2823324 due to a known installation issue. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification. Non-Security Updates on MU, WU, and WSUS For information about non-security releases on Windows Update and Microsoft Update, please see: Microsoft Knowledge Base Article 894199: Description of Software Update Services and his comment is here Important Elevation of PrivilegeRequires restartMicrosoft Security Software MS13-035 Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2821818)  This security update resolves a privately reported vulnerability in Microsoft Office.

The Application Compatibility Toolkit (ACT) contains the necessary tools and documentation to evaluate and mitigate application compatibility issues before deploying Windows Vista, a Windows Update, a Microsoft Security Update, or a The vulnerability could allow remote code execution if a user views a specially crafted webpage. Going off to reboot once more.And this is just the first of many systems I'm responsible for. :-( · actions · 2013-May-14 5:40 pm · StreetSpiritThis spot reserved for Xenu.Premium Memberjoin:2002-08-13Roslyn, For more information about what these ratings mean, and how they are determined, please see Microsoft Exploitability Index.

The more severe of the vulnerabilities could allow spoofing if a .NET application receives a specially crafted XML file. Important Elevation of PrivilegeRequires restartMicrosoft Windows MS13-032 Vulnerability in Active Directory Could Lead to Denial of Service (2830914)   This security update resolves a privately reported vulnerability in Active Directory. With the release of the security bulletins for May 2013, this bulletin summary replaces the bulletin advance notification originally issued May 9, 2013. By using SMS, administrators can identify Windows-based systems that require security updates and to perform controlled deployment of these updates throughout the enterprise with minimal disruption to end users.

Critical Remote Code Execution Requires restart Microsoft Windows, Internet Explorer MS14-022 Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2952166) This security update resolves multiple privately reported vulnerabilities in Microsoft Acknowledgments Microsoft thanks the following for working with us to help protect customers: MS13- 028 Ivan Fratric and Ben Hawkes of Google Security Team for reporting the Internet Explorer Use After For more information about what these ratings mean, and how they are determined, please see Microsoft Exploitability Index. Updates for consumer platforms are available from Microsoft Update.

Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. We appreciate your feedback. For more information about this procedure, see Deploying Software Updates Using the SMS Software Distribution Feature. For information about SMS, visit the Microsoft Systems Management Server TechCenter.

V1.1 (May 22, 2013): For MS13-037, corrected the Common Vulnerabilities and Exposures number for CVE-2013-3140. Please try hitting the back button and then refreshing your browser. V3.0 (April 23, 2013): For MS13-036, replaced the 2823324 update with the 2840149 update for NTFS.sys when installed on supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows For more information see the TechNet Update Management Center.

MS13-031 Kernel Race Condition Vulnerability CVE-2013-1284 2 - Exploit code would be difficult to buildNot affectedPermanent(None) MS13-031 Kernel Race Condition Vulnerability CVE-2013-1294 2 - Exploit code would be difficult to build This is an informational change only. Page generated 2014-05-15 10:02Z-07:00. Use this table to learn about the likelihood of code execution and denial of service exploits within 30 days of security bulletin release, for each of the security updates that you