Thursday 10 January 2013

Microsoft Patch Tuesday - January 2013

Executive Summary
With this January 2013 Microsoft Patch Tuesday update, we see a set of 7 updates, 2 of which are marked "Critical" and 5 rated "Important".


The Patch Tuesday Security Update analysis was performed by the Quest ChangeBASE Patch Impact team. Of the thousands of applications included in testing for this release, a small percentage showed an Amber issue.

Of the seven patches, all 7 will require a restart, so it is probably best to assume all require a restart to be installed correctly.

Sample Results

Here is a sample of the results for one package against this January Patch Tuesday update:





Quest ChangeBASE Microsoft Security Update Report Summary



Security Bulletin Overview
Here are the individual Microsoft Patch Tuesday bulletins with their respective Security Ratings, Payload and potential Impact.

MS13-001
Vulnerability in Windows Print Spooler Components Could Allow Remote Code Execution (2769369)
Description
This security update resolves one privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a print server received a specially crafted print job. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems connected directly to the Internet have a minimal number of ports exposed.
Payload
Win32spl.dll
Impact
Critical - Remote Code Execution


MS13-002
Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (2756145)
Description
This security update resolves two privately reported vulnerabilities in Microsoft XML Core Services. The vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes the user to the attacker's website.
Payload
Msxml6.dll
Impact
Critical - Remote Code Execution

MS13-003
Vulnerabilities in System Center Operations Manager Could Allow Elevation of Privilege (2748552) 
Description
This security update resolves two privately reported vulnerabilities in Microsoft System Center Operations Manager. The vulnerabilities could allow elevation of privilege if a user visits an affected website by way of a specially crafted URL. An attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes users to the affected website.
Payload
No specific file information
Impact
Important - Elevation of Privilege

MS13-004
Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2769324)
Description
This security update resolves four privately reported vulnerabilities in the .NET Framework. The most severe of these vulnerabilities could allow elevation of privilege if a user views a specially crafted webpage using a web browser that can run XAML Browser Applications (XBAPs). The vulnerabilities could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload
No specific file information
Impact
Important - Elevation of Privilege

MS13-005
Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2778930)
Description
This security update resolves one privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker runs a specially crafted application.
Payload
Win32k.sys
Impact
Important - Elevation of Privilege

MS13-006
Vulnerability in Microsoft Windows Could Allow Security Feature Bypass (2785220)
Description
This security update resolves a privately reported vulnerability in the implementation of SSL and TLS in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker intercepts encrypted web traffic handshakes.
Payload
Ncrypt.dll
Impact
Important - Security Feature Bypass

MS13-007
Vulnerability in Open Data Protocol Could Allow Denial of Service (2769327)
Description
This security update resolves a privately reported vulnerability in the Open Data (OData) protocol. The vulnerability could allow denial of service if an unauthenticated attacker sends specially crafted HTTP requests to an affected site. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.
Payload
DataSvcUtil.exe, System.Data.Services.Client.dll, System.Data.Services.Design.dll, System.Data.Services.dll
Impact
Important - Denial of Service

*All results are based on an AOK Application Compatibility Lab’s test portfolio of over 1,000 applications.
