Monday, 30 September 2013

Packaging Event 2013: Management Briefing

Packaging Event 2013

The Management Summary Sessions (MSS)

Be our guest during the Management Summary Sessions at Packaging Event 2013 in the Media Plaza, Jaarbeurs Utrecht.

On Thursday October 3 between 15.45 and 18.00, the management summary sessions will take place at a private section of the event and can be attended by invitation-only. These sessions will provide a high-level overview and excellent Sr. management network opportunities with trend setting industry organizations around packaging, application virtualisation, application management, (cloud) migrations, MDM and deployment.

While other sessions at the event are fairly technical / product specific, these sessions are designed for CEO/CTO/IT managers who benefit from a high-level understanding how solutions in the industry can help your organizations work more efficient, save time, improve quality and save costs.

During three 30-minute sessions, sr. management from key industry organizations Dell Software, Flexera Software and Raynet will share their company vision, product roadmap & solutions and how these can help your organization.

The following speakers will present their view and future direction of respective technologies:

Flexera
Flexera Software - Jim Ryan
Chief Operating Officer

RaynetRagip Aydin
Managing Director

Dell Software - Gregory Lambert
Sr. Technical Evangelist


You can attend the MMS without registering for the whole event. 

Thursday, 26 September 2013

Don’t’ forget to join our Gartner webinar today!

Don’t’ forget to join our Gartner webinar today!
Don't forget to join Ann Maya, Senior Product Manager for ChangeBASE here at Dell Software and Michael Silver, Vice President and Research Director at Gartner for our joint webinar - It’s all about the data – migrations and beyond
Date:  26th September
Time: 8:00 PST / 11:00 EST / 16:00 GMT / 17:00 CET

With customers’ requirements to better manage the move towards supporting BYOD, the need to integrate systems for better data mining, the desire for solutions that can be hosted in the cloud and “self-service” application delivery solutions – the landscape for application management and application readiness is constantly changing. The focus is veering from pure migration efforts to ongoing application lifecycle management.
Attend this webcast to discover:
  • Why organizations have been slow to move off XP
  • What we can learn from organizations that have migrated successfully
  • How to keep up with the frequency of technology changes
  • Top considerations for ongoing application lifecycle management beyond migration
  • The importance of an optimized workflow management process

Monday, 23 September 2013

DELL ESM Marketing News for September 23

I thought I would mention a few of the live and recorded on-line demos that will be happening over the next few weeks. In addition, I have added some new "In the News" links to some of the DELL happenings.

LIVE DEMOS

Multiple Dates, Next one: Wednesday, Sept 25 at 9 am PT
vWorkspace Live Weekly Demo

Deliver huge scalability and speed improvements with Hyper-V Catalyst components for virtual desktops, use Desktop Clouds to provide power and simplicity for SMBs and enterprises, and monitor user experience from a “single pane of glass” for both VDI and TS/RDSH. See vWorkspace 8.0 in action. Register here .

Thursday, Sept. 26 at 11 am PT
Desktop Virtualization: Your Optimal Strategy for Healthcare IT
Join Craig Mathias of Farpoint Group and Matt Law of Dell Endpoint Systems Management for this fast-paced and informative webcast, where you will discover how desktop virtualization offers an optimal strategy for addressing the mission-critical demands of IT in healthcare. Register here .

Multiple Dates, Next one: Tuesday, Oct 1 at 11 am PT
Enable BYOD with easy scanning for VDI and RDSH users
Support your BYOD initiatives by making it as easy for your BYOD users to use document scanners and other image acquisition devices as it is for physical desktop users with Dell RemoteScan. 
Register here .

Multiple Dates, Next one: Wednesday, Oct 2 at 11 am PT
Managing Configurations in the User Environment without Scripts
Still using login scripts to configure user environments? In this webcast, discover the power of automation when delivering applications, controlling configurations across desktops, virtual desktops, and remote sessions and much more. Registerhere .

On-Demand Webinars

Agile Service Desk: Keeping Pace or Getting Out Paced by New Technology?
Join us for a quick look at the state of the service desk, and explore new requirements and tradeoffs in choosing and using a service desk solution. You will also discover practical ways to ensure an effective service desk in 2013 and beyond. 
View the recording here.


New! Dell KACE Jumpstart Datasheet
JumpStart training has always been an integral part of helping customers gain near-immediate return for their investment in KACE Appliances. This updated data sheet articulates clearly the benefits of the JumpStart program and the available options for both initial and ongoing learning opportunities, from basic to in-depth, customized to client needs. The data sheet is posted on the Resource Center on KACE.com .


DELL ESM in the News
  • Dell Software's endpoint systems management allowed Louisiana-based customer Green Clinic to save 20 hours per week in service requests and reduce EMR deployment costs by $20,000. - Becker's Hospital Review , iHealthBeat ,Healthcare Technology Online , CIO Insight
  • Dell Software customers want consolidated end-to-end solutions from fewer suppliers, which led Dell to a strategy calling further integration of assets including Dell KACE. - Channelnomics
  • Dell Inc. announced its software business has reached the $1.5 billion revenue mark and has upcoming changes to its PartnerDirect channel program involving Dell KACE among others. - Channelnomics
  • Dell Latitude 7000 Ultrabook features Intel vPro with extensions specific to Dell, along with tools that work with Microsoft System Center and Dell KACE. - ChipChick
  • Dell recently launched vWorkspace 8, which brings a multitude of features to the table, the most notable of which include tighter integration into Hyper-V and full support for Windows Server 2012 and Windows 8. -SearchVirtualDesktop
  • Dell's new PartnerDirect program introduces a new set of “competencies” for software partners through Dell KACE, SonicWALL and other divisions of the software company. - ChannelnomicsMSPMentor

Friday, 20 September 2013

Join our joint Gartner and Dell Software Webinar

Join our joint Gartner and Dell Software Webinar - Click Here to Register 
Date:  26th September
Time:  8:00 PST / 11:00 EST  / 16:00 GMT  / 17:00 CET

 Join Gartner expert Mike Silver’s and Ann Maya, senior ChangeBASE product manager, Dell Software, to hear about solutions that customers are using to move forward beyond migration.

You know that Windows XP is reaching its end of life next April.  Yet, many organisations are still on XP, opening up the real possibility of having to pay considerably for extended support. So why the delay?

Application compatibility is one of the major obstacles for enterprise Windows 7/8 migrations but there are also concerns about ongoing application management.
With customers’ requirements to better manage the move towards supporting BYOD, the need to integrate systems for better data mining, the desire for solutions that can be hosted in the cloud and “self-service” application delivery solutions – the landscape for application management and application readiness is constantly changing. The focus is veering from pure migration efforts to ongoing application lifecycle management.
Attend this Dell Software webcast featuring Gartner expert Mike Silver to discover:
  • Why organizations have been slow to move off XP 
  • What we can learn from organizations that have migrated successfully 
  • Top considerations for ongoing application lifecycle management beyond migration 
  • The importance of an optimized workflow management process

Thursday, 19 September 2013

Microsoft Zero-Day IE flaw with a complex fix

I would have normally waited until my monthly Patch Tuesday update to discuss Microsoft security vulnerabilities and updates. However, when I read about the latest Microsoft Zer-day exploit and security flaw and then saw that the BBC thought it was sufficiently important to report on, well I had to post something.

The Remote Code Execution vulnerability exploited in this attack effects all versions of Internet Explorer (both 32 and 64-bit) bar the latest version (11). The CVE description for this issue incudes;
"Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll."
This means that a specially crafted web page that includes some nasty JavaScript code could allow an attacker to execute code on the users machines. This code could include spyware (watches your keystrokes), malware (leaves a trojan behind) and could directly affect (copy/delete) files and data on the affected machine.

There is already fix posted by the TechNet and IE Team, which you can read about  in the IE TechNet blog located here: http://blogs.technet.com/b/srd/archive/2013/09/17/cve-2013-3893-fix-it-workaround-available.aspx

This attack is a little annoying (besides the potential damage it cold allow) as I thought that IE employed security tactics to prevent these kind of attacks. Reading the IE blog posting, the vulnerability is described as;
The purpose of this DLL in the context of this exploit is to bypass ASLR by providing executable code at known addresses in memory, so that a hardcoded ROP (Return Oriented Programming) chain can be used to mark the pages containing shellcode (in the form of Javascript strings) as executable.
ASLR is a programming and security technique designed to prevent these kinds of attacks by effectively randomly assinging addresses to memory locations. This is very much like removing door-numbers from within an office building - it makes finding anything or anyone very difficult.

It looks like the primary components of IE use ASLR and thus benefit from its protection. However, it looks like the sub-components used by IE did not - and, therefore allowing a way in for attackers.

Sort of like, having super secure and vetted full-time employees and then using 3rd-party contractors with similar security access and privileges.

I wonder if Microsoft will call these types of dependency attacks the "Snowden Way In".




References:

ASLR
http://en.wikipedia.org/wiki/Address_space_layout_randomization

http://technet.microsoft.com/en-us/security/advisory/2887505

CVE Vulnerability Entry CVE 2013-3893
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3893

Wednesday, 11 September 2013

Microsoft Patch Tuesday - September 2013

Application Compatibility Update with Dell Software's ChangeBASE

With this September Microsoft Patch Tuesday update, we see a set of 13 updates; 4 of which are marked as “Critical” and 9 rated as “Important”.

The Patch Tuesday Security Update analysis was performed by the Dell ChangeBASE Patch Impact team and identified a small percentage of applications from the thousands of applications included in testing for this release which showed amber issues.

Of the thirteen patches, 3 "require a restart to load correctly",  and 10 "may require a restart", so the usual advice is that it is probably best to assume all require a restart to be installed correctly.


Sample Results 

Here are two sample results showing amber warnings generated as a result of patch MS13-069.



Here is a sample summary report:

Testing Summary

MS13-067
Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (KB2834052)
MS13-068
Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (KB2756473)
MS13-069
Cumulative Security Update for Internet Explorer (KB2870699)
MS13-070
Vulnerability in OLE Could Allow Remote Code Execution (KB2876217)
MS13-071
Vulnerability in Windows Theme File Could Allow Remote Code Execution (KB2864063)
MS13-072
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (KB2845537)
MS13-073
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (KB2858300)
MS13-074
Vulnerabilities in Microsoft Access Could Allow Remote Code Execution (KB2848637)
MS13-075
Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (KB2878687)
MS13-076
Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation of Privilege (KB2876315)
MS13-077
Vulnerability in Windows Service Control Manager Could Allow Elevation of Privilege (KB2872339)
MS13-078
Vulnerability in FrontPage Could Allow Information Disclosure (KB2825621)
MS13-079
Vulnerability in Active Directory Could Allow Denial of Service (KB2853587)


Security Update Detailed Summary


MS13-067
Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (KB2834052)
Description
This security update resolves one publicly disclosed vulnerability and nine privately reported vulnerabilities in Microsoft Office Server software. The most severe vulnerability could allow remote code execution in the context of the W3WP service account if an attacker sends specially crafted content to the affected server.
Payload
Cfgupddl.sql, Configdb.sql, Configup.sql, Dwdcw20.dll, Fldedit.asx, Fldnew.asx, Listedit.asx, Microsoft_sharepoint_dsp_oledb.dll, Microsoft_sharepoint_dsp_soappt.dll, Microsoft_sharepoint_dsp_sts.dll, Microsoft_sharepoint_dsp_xmlurl.dll, Microsoft_web_design_server.dll, Mssph.dll_0001.x86, Mssrch.dll_0001.x86, Offprsx.dll, Onetutil.dll, Owssvr.dll_0001, Qstedit.asx, Qstnew.asx, Searchom.dll_0003.x86, Searchom.dll_0005.x86, Sigcfg.cer, Sigcfg.dll, Sigcfg.sql, Sigsdb.cer.x86, Sigsdb.dll.x86, Sigsdb.sql.x86, Sigstore.cer, Sigstore.dll, Sigstore.sql, Store.sql, Storeup.sql, Stoupddl.sql, Sts.workflows.dll, Stsadm.exe, Stsap.dll, Stsapa.dll, Stslib.dll_0001, Stsom.dll, Stsom.dll_0001, Stssoap.dll, Stswel.dll, Stswfacb.dll, Stswfact.dll, Svrsetup.exe, Timezone.xml, Tquery.dll_0002.x86, Wsdisco.asx, Wss.search.sql.x86, Wss.search.up.sql.x86, Wssadmin.exe_0001, Wssadmop.dll_0001, Wsssetup.dll, Wswsdl.asx, Xmlfiltr.dll.x86
Impact
Critical - Remote Code Execution

MS13-068
Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (KB2756473)
Description
This security update resolves a privately reported vulnerability in Microsoft Outlook. The vulnerability could allow remote code execution if a user opens or previews a specially crafted email message using an affected edition of Microsoft Outlook. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload
Cnfnot32.exe_0004, Contab32.dll, Dlgsetp.dll, Emsmdb32.dll_0005, Envelope.dll, Exsec32.dll_0001, Impmail.dll, Mapiph.dll, Mimedir.dll, Mspst32.dll_0004, Olmapi32.dll, Omsmain.dll, Omsxp32.dll  , Outlmime.dll, Outlook.exe, Outlph.dll, Outlvbs.dll_0001, Pstprx32.dll, Recall.dll, Rm.dll, Rtfhtml.dll, Scanpst.exe_0002, Scnpst32.dll, Scnpst64.dll
Impact
Critical - Remote Code Execution

MS13-069
Cumulative Security Update for Internet Explorer (KB2870699)
Description
This security update resolves ten privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload
Browseui.dll, Html.iec, Ieencode.dll, Iepeers.dll, Mshtml.dll, Mshtmled.dll, Mstime.dll, Shdocvw.dll, Tdc.ocx, Url.dll, Urlmon.dll, Vgx.dll, Wininet.dll
Impact
Critical - Remote Code Execution

MS13-070
Vulnerability in OLE Could Allow Remote Code Execution (KB2876217)
Description
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a file that contains a specially crafted OLE object. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload
Ole32.dll, Wole32.dll
Impact
Critical - Remote Code Execution

MS13-071
Vulnerability in Windows Theme File Could Allow Remote Code Execution (KB2864063)
Description
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user applies a specially crafted Windows theme on their system. In all cases, a user cannot be forced to open the file or apply the theme; for an attack to be successful, a user must be convinced to do so.
Payload
Themeui.dll
Impact
Important - Remote Code Execution

MS13-072
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (KB2845537)
Description
This security update resolves 13 privately reported vulnerabilities in Microsoft Office. The most severe vulnerabilities could allow remote code execution if a specially crafted file is opened in an affected version of Microsoft Office software. An attacker who successfully exploited the most severe vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload
Winword.exe, Wordicon.exe, Wordcnv.dll, Wwlib.dll
Impact
Important - Remote Code Execution

MS13-073
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (KB2858300)
Description
This security update resolves three privately reported vulnerabilities in Microsoft Office. The most severe vulnerabilities could allow remote code execution if a user opens a specially crafted Office file with an affected version of Microsoft Excel or other affected Microsoft Office software. An attacker who successfully exploited the most severe vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload
Excel.exe
Impact
Important - Remote Code Execution

MS13-074
Vulnerabilities in Microsoft Access Could Allow Remote Code Execution (KB2848637)
Description
This security update resolves three privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Access file with an affected version of Microsoft Access. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Payload
Acacedao.dll, Acecore.dll, Acedao.dll, Aceerr.dll, Acees.dll, Aceexch.dll, Aceexcl.dll, Aceodbc.dll, Aceodexl.dll, Aceodtxt.dll, Aceoledb.dll, Acetxt.dll, Acewdat.dll
Impact
Important - Remote Code Execution

MS13-075
Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (KB2878687)
Description
This security update resolves a privately reported vulnerability in Microsoft Office IME (Chinese). The vulnerability could allow elevation of privilege if a logged on attacker launches Internet Explorer from the toolbar in Microsoft Pinyin IME for Simplified Chinese. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. Only implementations of Microsoft Pinyin IME 2010 are affected by this vulnerability. Other versions of Simplified Chinese IME and other implementations of IME are not affected.
Payload
Imecfm.dll, Imecfmp.dll, Imecfmui.exe, Imecmnt.exe, Imefiles.dll, Imeklmg.exe, Imespbld.exe, Imetip.dll, Imewdbld.exe, Imjp14k.dll, Imjpapi.dll, Imjpcac.dll, Imjpcmld.dll, Imjpcmmp.dll, Imjpcus.dll, Imjpdapi.dll, Imjpdct.exe, Imjpdctp.dll, Imjpdus.exe, Imjplmp.dll, Imjppred.dll, Imjpskey.dll, Imjpskf.dll, Imjptip.dll, Imjpuexc.exe, Imjputyc.dll, Imecfm.dll, Imecfmp.dll, Imecfmui.exe, Imefiles.dll, Imeklmg.exe, Imespbld.exe, Imetip.dll, Imewdbld.exe, Imccphr.exe, Imecfm.dll, Imecfmp.dll, Imecfmui.exe, Imecmnt.exe, Imefiles.dll, Imeklmg.exe, Imespbld.exe, Imetip.dll, Imewdbld.exe, Imsccfg.dll, Imsccore.dll, Imsctip.dll, Imscui.dll, Imccphr.exe, Imecfm.dll, Imecfmp.dll, Imecfmui.exe, Imefiles.dll, Imeklmg.exe, Imespbld.exe, Imetip.dll, Imewdbld.exe, Imtccfg.dll, Imtccore.dll, Imtcprop.exe, Imtctip.dll, Imtcui.dll
Impact
Important - Elevation of Privilege

MS13-076
Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation of Privilege (KB2876315)
Description
This security update resolves seven privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs onto the system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities.
Payload
Win32k.sys
Impact
Important - Elevation of Privilege

MS13-077
Vulnerability in Windows Service Control Manager Could Allow Elevation of Privilege (KB2872339)
Description
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker convinces an authenticated user to execute a specially crafted application. To exploit this vulnerability, an attacker either must have valid logon credentials and be able to log on locally or must convince a user to run the attacker's specially crafted application.
Payload
Conhost.exe, Kernel32.dll, Kernelbase.dll, Api-ms-win-core-console-l1-1-0.dll, Api-ms-win-core-datetime-l1-1-0.dll, Api-ms-win-core-debug-l1-1-0.dll, Api-ms-win-core-delayload-l1-1-0.dll, Api-ms-win-core-errorhandling-l1-1-0.dll, Api-ms-win-core-fibers-l1-1-0.dll, Api-ms-win-core-file-l1-1-0.dll, Api-ms-win-core-handle-l1-1-0.dll, Api-ms-win-core-heap-l1-1-0.dll, Api-ms-win-core-interlocked-l1-1-0.dll, Api-ms-win-core-io-l1-1-0.dll, Api-ms-win-core-libraryloader-l1-1-0.dll, Api-ms-win-core-localization-l1-1-0.dll, Api-ms-win-core-localregistry-l1-1-0.dll, Api-ms-win-core-memory-l1-1-0.dll, Api-ms-win-core-misc-l1-1-0.dll, Api-ms-win-core-namedpipe-l1-1-0.dll, Api-ms-win-core-processenvironment-l1-1-0.dll, Api-ms-win-core-processthreads-l1-1-0.dll, Api-ms-win-core-profile-l1-1-0.dll, Api-ms-win-core-rtlsupport-l1-1-0.dll, Api-ms-win-core-string-l1-1-0.dll, Api-ms-win-core-synch-l1-1-0.dll, Api-ms-win-core-sysinfo-l1-1-0.dll, Api-ms-win-core-threadpool-l1-1-0.dll, Api-ms-win-core-util-l1-1-0.dll, Api-ms-win-core-xstate-l1-1-0.dll, Api-ms-win-security-base-l1-1-0.dll, Api-ms-win-core-console-l1-1-0.dll, Api-ms-win-core-datetime-l1-1-0.dll, Api-ms-win-core-debug-l1-1-0.dll, Api-ms-win-core-delayload-l1-1-0.dll, Api-ms-win-core-errorhandling-l1-1-0.dll, Api-ms-win-core-fibers-l1-1-0.dll, Api-ms-win-core-file-l1-1-0.dll, Api-ms-win-core-handle-l1-1-0.dll, Api-ms-win-core-heap-l1-1-0.dll, Api-ms-win-core-interlocked-l1-1-0.dll, Api-ms-win-core-io-l1-1-0.dll, Api-ms-win-core-libraryloader-l1-1-0.dll, Api-ms-win-core-localization-l1-1-0.dll, Api-ms-win-core-localregistry-l1-1-0.dll, Api-ms-win-core-memory-l1-1-0.dll, Api-ms-win-core-misc-l1-1-0.dll, Api-ms-win-core-namedpipe-l1-1-0.dll, Api-ms-win-core-processenvironment-l1-1-0.dll, Api-ms-win-core-processthreads-l1-1-0.dll, Api-ms-win-core-profile-l1-1-0.dll, Api-ms-win-core-rtlsupport-l1-1-0.dll, Api-ms-win-core-string-l1-1-0.dll, Api-ms-win-core-synch-l1-1-0.dll, Api-ms-win-core-sysinfo-l1-1-0.dll, Api-ms-win-core-threadpool-l1-1-0.dll, Api-ms-win-core-util-l1-1-0.dll, Api-ms-win-core-xstate-l1-1-0.dll, Api-ms-win-security-base-l1-1-0.dll, Winsrv.dll
Impact
Important - Elevation of Privilege

MS13-078
Vulnerability in FrontPage Could Allow Information Disclosure (KB2825621)
Description
This security update resolves a privately reported vulnerability in Microsoft FrontPage. The vulnerability could allow information disclosure if a user opens a specially crafted FrontPage document. The vulnerability cannot be exploited automatically; for an attack to be successful a user must be convinced to open the specially crafted document.
Payload
Fpwec.dll, Frontpg.exe
Impact
Important - Information Disclosure

MS13-079
Vulnerability in Active Directory Could Allow Denial of Service (KB2853587)
Description
This security update resolves a privately reported vulnerability in Active Directory. The vulnerability could allow denial of service if an attacker sends a specially crafted query to the Lightweight Directory Access Protocol (LDAP) service.
Payload
Ntdsatq.dll
Impact
Important - Denial of Service

* All results are based on the ChangeBASE Application Compatibility Lab’s test portfolio of over 3,000 applications