With this June Microsoft Patch Tuesday update, we see a set of 5 updates; 1of which is marked as “Critical” and 4 rated as “Important”.
The Patch Tuesday Security Update analysis was performed by the Quest ChangeBASE Patch Impact team and identified a small percentage of applications from the thousands of applications included in testing for this release which showed amber issues.
Of the five patches, all will "require a restart to load correctly", so as usual, it is probably best to assume all require a restart to be installed correctly.
Here is a quick snap-shot of the results from our ChangeBASE Patch Impact Assessment for June 2013. As you can see Security Updates MS13-047 and MS13-051 appear to have an overlap with a number of sample packages - potentially causing a compatibility impact upon application installation or during runtime.
In addition, we have supplied a Testing Overview for the sample database run by the ChangeBASE development team. Here you can see that again, patch 47 and 51 appear to raise a number of issues against the test portfolio for this Patch Tuesday update.
And, to add to some detail to the report, we have included the Patch Details for this June 2013 Patch Tuesday update. Most importantly, the following table includes all of payload or files updated or added by each Patch Tuesday update.
Patch Tuesday Security Update Details
|
MS13-047
|
Cumulative
Security Update for Internet Explorer (2838727)
|
|
Description
|
This
security update resolves nineteen privately reported vulnerabilities in
Internet Explorer. The most severe vulnerabilities could allow remote code
execution if a user views a specially crafted webpage using Internet
Explorer. An attacker who successfully exploited the most severe of these
vulnerabilities could gain the same user rights as the current user. Users
whose accounts are configured to have fewer user rights on the system could
be less impacted than users who operate with administrative user rights.
|
|
Payload
|
Browseui.dll,
Html.iec, Ieencode.dll, Iepeers.dll, Mshtml.dll, Mshtmled.dll, Mstime.dll,
Shdocvw.dll, Tdc.ocx, Url.dll, Urlmon.dll, Vgx.dll, Wininet.dll,
Ie4uinit.exe, Iedkcs32.dll, Iedvtool.dll, Ieframe.dll, Ieproxy.dll,
Iertutil.dll, Inetcpl.cpl, Jsdbgui.dll, Jsproxy.dll, Licmgr10.dll,
Msfeeds.dll, Msfeedsbs.dll, Occache.dll, Xpshims.dll,
Iexplore.exe, Wininetplugin.dll, Msfeeds.mof, Mshtml.tlb, Ieshims.dll,
Ieunatt.exe, Sqmapi.dll, Ieui.dll, Jsdebuggeride.dll, Jscript.dll,
Jscript9.dll, Vbscript.dll
|
|
Impact
|
Critical
- Remote Code Execution
|
|
MS13-048
|
Vulnerability
in Windows Kernel Could Allow Information Disclosure (2839229)
|
|
Description
|
This
security update resolves one privately reported vulnerability in Windows. The
vulnerability could allow information disclosure if an attacker logs on to a
system and runs a specially crafted application or convinces a local,
logged-in user to run a specially crafted application. An attacker must have
valid logon credentials and be able to log on locally to exploit this
vulnerability. Note that this vulnerability would not allow an attacker to
execute code or to elevate their user rights directly, but it could be used
to produce information that could be used to try to further compromise an
affected system.
|
|
Payload
|
Ntkrnlmp.exe,
Ntkrnlpa.exe, Ntkrpamp.exe, Ntoskrnl.exe
|
|
Impact
|
Important
- Information Disclosure
|
|
MS13-049
|
Vulnerability
in Kernel-Mode Driver Could Allow Denial of Service (2845690)
|
|
Description
|
This
security update resolves a privately reported vulnerability in Microsoft
Windows. The vulnerability could allow denial of service if an attacker sends
specially crafted packets to the server. Firewall best practices and standard
default firewall configurations can help protect networks from attacks that
originate outside the enterprise perimeter.
|
|
Payload
|
Netio.sys,
Fwpkclnt.sys, Tcpip.sys
|
|
Impact
|
Important
- Denial of Service
|
|
MS13-050
|
Vulnerability
in Windows Print Spooler Components Could Allow Elevation of Privilege
(2839894)
|
|
Description
|
This
security update resolves a privately reported vulnerability in Microsoft
Windows. The vulnerability could allow elevation of privilege when an
authenticated attacker deletes a printer connection. An attacker must have
valid logon credentials and be able to log on to exploit this vulnerability.
|
|
Payload
|
Printcom.dll,
Win32spl.dll
|
|
Impact
|
Important
- Elevation of privilege
|
|
MS13-051
|
Vulnerability
in Microsoft Office Could Allow Remote Code Execution (2839571)
|
|
Description
|
This
security update resolves one privately reported vulnerability in Microsoft
Office. The vulnerability could allow remote code execution if a user opens a
specially crafted Office document using an affected version of Microsoft
Office software, or previews or opens a specially crafted email message in
Outlook while using Microsoft Word as the email reader. An attacker who
successfully exploited this vulnerability could gain the same user rights as
the current user. Users whose accounts are configured to have fewer user
rights on the system could be less impacted than users who operate with
administrative user rights.
|
|
Payload
|
Ietag.dll,
Mso.dll
|
|
Impact
|
Important
- Remote Code Execution
|
*All results are based on an AOK Application Compatibility Lab’s test
portfolio of over 1,000 applications.
No comments:
Post a Comment