Executive Summary
With this March Microsoft Patch Tuesday update, we see a set of 7 updates; 4 of which are marked as “Critical” and 3 rated as “Important”.
The Patch Tuesday Security Update analysis was performed by the Quest ChangeBASE Patch Impact team and identified a small percentage of applications from the thousands of applications included in testing for this release which showed amber issues.
Of the seven patches, 2 "require a restart to load correctly", 3 "may require a restart", and 2 do not need a restart so, as usual, it is probably best to assume all require a restart to be installed correctly.
Sample Results
Here is a sample of the results for two packages, seen in ChangeBASE having reported against the patch Tuesday updates:
And here is a sample ChangeBASE Summary Report generated against our test lab of over 1000 applications;
And here is a sample of the Patch Testing Overview for that same sample application portfolio tested against these latest March Patch Tuesday updates.
Detailed Report on Microsoft Patch Updates for March 2013
|
MS13-021
|
Cumulative Security Update
for Internet Explorer (2809289)
|
|
Description
|
This security update resolves eight privately reported
vulnerabilities and one publicly disclosed vulnerability in Internet
Explorer. The most severe vulnerabilities could allow remote code execution
if a user views a specially crafted webpage using Internet Explorer. An
attacker who successfully exploited these vulnerabilities could gain the same
user rights as the current user. Users whose accounts are configured to have
fewer user rights on the system could be less impacted than users who operate
with administrative user rights.
|
|
Payload
|
A.
Advpack.dll,
Browseui.dll, Corpol.dll, Desktop.ini, Dxtmsft.dll, Dxtrans.dll, Extmgr.dll,
Html.iec, Icardie.dll, Ie4uinit.exe, Ie9props.propdesc, Ieakeng.dll,
Ieaksie.dll, Ieakui.dll, Ieapfltr.dat, Ieapfltr.dll, Iedkcs32.dll,
Iedvtool.dll, Ieencode.dll, Ieframe.dll, Ieframe.dll.mui, Iepeers.dll,
Ieproxy.dll, Iernonce.dll, Iertutil.dll, Iesetup.dll, Ieshims.dll,
Iesysprep.dll, Ieudinit.exe, Ieui.dll, Ieunatt.exe, Iexplore.exe,
Inetcpl.cpl, Jscript.dll, Jscript9.dll, Jsdbgui.dll, Jsproxy.dll,
Licmgr10.dll, Msfeeds.dll, Msfeeds.mof, Msfeedsbs.dll, Msfeedsbs.mof,
Msfeedssync.exe, Mshtml.dll, Mshtml.tlb, Mshtmled.dll, Msrating.dll,
Mstime.dll, Occache.dll, Pngfilt.dll, Shdocvw.dll, Spuninst.exe, Sqmapi.dll,
Tdc.ocx, Url.dll, Urlmon.dll, Uxinit.dll, Uxtheme.dll, Vbscript.dll, Vgx.dll,
W03a3409.dll, Wadvpack.dll, Wbrowseui.dll, Wcorpol.dll, Wdxtmsft.dll,
Wdxtrans.dll, Webcheck.dll, Wextmgr.dll, Whtml.iec, Wicardie.dll,
Wie4uinit.exe, Wieakeng.dll, Wieaksie.dll, Wieakui.dll, Wieapfltr.dat,
Wieapfltr.dll, Wiedkcs32.dll, Wiedvtool.dll, Wieencode.dll, Wieframe.dll,
Wieframe.dll.mui, Wiepeers.dll, Wieproxy.dll, Wiernonce.dll, Wiertutil.dll,
Wieudinit.exe, Wiexplore.exe, Winetcpl.cpl, Wininet.dll, Wininetplugin.dll,
Wjsdbgui.dll, Wjsproxy.dll, Wlicmgr10.dll, Wmsfeeds.dll, Wmsfeedsbs.dll,
Wmshtml.dll, Wmshtmled.dll, Wmsrating.dll, Wmstime.dll, Woccache.dll,
Wpngfilt.dll, Wshdocvw.dll, Wtdc.ocx, Wurl.dll, Wurlmon.dll, Ww03a3409.dll,
Wwebcheck.dll, Wwininet.dll, Wxpshims.dll, Xpshims.dll
|
|
Impact
|
Critical - Remote Code Execution
|
|
MS13-022
|
Vulnerability in Silverlight
Could Allow Remote Code Execution (2814124)
|
|
Description
|
This security update resolves a privately reported
vulnerability in Microsoft Silverlight. The vulnerability could allow remote
code execution if an attacker hosts a website that contains a specially
crafted Silverlight application that could exploit this vulnerability and
then convinces a user to view the website. The attacker could also take
advantage of compromised websites and websites that accept or host
user-provided content or advertisements. Such websites could contain
specially crafted content that could exploit this vulnerability. In all
cases, however, an attacker would have no way to force users to visit a
website. Instead, an attacker would have to convince users to visit a
website, typically by getting them to click a link in an email message or in
an Instant Messenger message that takes them to the attacker's website. It
could also be possible to display specially crafted web content by using
banner advertisements or by using other methods to deliver web content to
affected systems.
|
|
Payload
|
No specific payload
|
|
Impact
|
Critical - Remote Code Execution
|
|
MS13-023
|
Vulnerability in Microsoft
Visio Viewer 2010 Could Allow Remote Code Execution (2801261)
|
|
Description
|
This security update resolves a privately reported
vulnerability in Microsoft Office. The vulnerability could allow remote code
execution if a user opens a specially crafted Visio file. An attacker who
successfully exploited the vulnerability could gain the same user rights as
the current user. Users whose accounts are configured to have fewer user
rights on the system could be less impacted than users who operate with
administrative user rights.
|
|
Payload
|
A.
Saext.dll_0001,
Seqchk10.dll, Vpreview.exe, Vviewdwg.dll.x64, Vviewdwg.dll.x86,
Vviewer.dll.x64, Vviewer.dll.x86, Dwgdp.dll, Savasweb.dll, Sg.dll, Uml.dll,
Visbrgr.dll, Visicon.exe, Visio.exe, Vislib.dll, Msgfilt.dll.x64,
Nlhtml.dll_0002.x64, Odffilt.dll.x64, Offfilt.dll_0002.x64
B.
Offfiltx.dll.x64
C.
Onifiltr.dll.x64
D.
Visfilt.dll.x64
|
|
Impact
|
Critical - Remote Code Execution
|
|
MS13-024
|
Vulnerabilities in SharePoint
Could Allow Elevation of Privilege (2780176)
|
|
Description
|
This security update resolves four privately reported
vulnerabilities in Microsoft SharePoint and Microsoft SharePoint Foundation.
The most severe vulnerabilities could allow elevation of privilege if a user
clicks a specially crafted URL that takes the user to a targeted SharePoint
site.
|
|
Payload
|
A.
Microsoft.office.server.webanalytics.dll,
Microsoft.office.server.webanalytics.ui.dll,
Webanalyticspowershell.format.ps1xml
|
|
Impact
|
Critical - Elevation of Privilege
|
|
MS13-025
|
Vulnerability in Microsoft
OneNote Could Allow Information Disclosure (2816264)
|
|
Description
|
This security update resolves a privately reported
vulnerability in Microsoft OneNote. The vulnerability could allow information
disclosure if an attacker convinces a user to open a specially crafted
OneNote file.
|
|
Payload
|
I.
Iecontentservice.Exe,
Onbttnie.Dll.X64, Onbttnie.Dll.X86, Onbttnol.Dll, Onbttnppt.Dll,
Onbttnwd.Dll, Onenote.Exe, Onenote.Exe.Config, Onenotem.Exe,
Onenotemanaged.Dll, Onmain.Dll, Onpptaddin.Dll, Onwordaddin.Dll
|
|
Impact
|
Important - Information Disclosure
|
|
MS13-026
|
Vulnerability in Office
Outlook for Mac Could Allow Information Disclosure (2813682)
|
|
Description
|
This security update resolves one privately reported
vulnerability in Microsoft Office for Mac. The vulnerability could allow
information disclosure if a user opens a specially crafted email message.
|
|
Payload
|
No specific payload
|
|
Impact
|
Important - Information Disclosure
|
|
MS13-027
|
Vulnerabilities in
Kernel-Mode Drivers Could Allow Elevation Of Privilege (2807986)
|
|
Description
|
This security update resolves three privately reported
vulnerabilities in Microsoft Windows. These vulnerabilities could allow
elevation of privilege if an attacker gains access to a system.
|
|
Payload
|
Usb8023.sys, Usb8023.sys, Usb8023.sys, Usb8023.sys,
Wlaninst.dll, Rndismp6.sys, Rndismpx.sys, Usb80236.sys, Usb8023x.sys,
Rndismp6.sys, Rndismpx.sys, Usb80236.sys, Usb8023x.sys, Rndismp6.sys,
Rndismpx.sys, Usb80236.sys, Usb8023x.sys, Rndismp6.sys, Rndismpx.sys,
Usb80236.sys, Usb8023x.sys
|
|
Impact
|
Important - Elevation of Privilege
|
* All results are based on the ChangeBASE Application
Compatibility Lab’s test portfolio of over 1,000 applications.
No comments:
Post a Comment