It's September and while the sun is still shining (here in the UK) there is as chill in the air. And, for most of us, it's back to school (or work) and in the case of Microsoft's September Patch Tuesday release, there is a lot of work to do.
This month the Microsoft Advance notification guide details 14 patches, four of which are rated as Critical and the remaining 10 are rated as Important.
All of the Critical patches deal with Remote Code Execution (RCE's) vulnerabilities and the remaining 10 patches deal with Information Disclosure and Denial of Service issues.
I have created a handy little chart of these patches, which you can view here;
Looking at these Microsoft Patches, I would tend to most worried about the application level updates. It looks like Outlook and Excel are going to be updated. These patches will require some serious testing prior to deployment.
You can find out more from the Microsoft Advance Notification page for September 2013 here: https://technet.microsoft.com/en-us/security/bulletin/ms13-sep
This month the Microsoft Advance notification guide details 14 patches, four of which are rated as Critical and the remaining 10 are rated as Important.
All of the Critical patches deal with Remote Code Execution (RCE's) vulnerabilities and the remaining 10 patches deal with Information Disclosure and Denial of Service issues.
I have created a handy little chart of these patches, which you can view here;
| Bulletin | Severity | Impact | Platform |
| 1 | Critical | Remote Code Execution | Share Point |
| 2 | Critical | Remote Code Execution | Outlook |
| 3 | Critical | Remote Code Execution | Internet Explorer |
| 4 | Critical | Remote Code Execution | XP/Server 2003 |
| 5 | Important | Remote Code Execution | XP/Vista/Server 2008 |
| 6 | Important | Remote Code Execution | Word 2003/2007/2010 |
| 7 | Important | Remote Code Execution | Excel 2003/2007/2010/2013 |
| 8 | Important | Remote Code Execution | Access 2007/2010/2013 |
| 9 | Important | Elevation of Privilege | Office 2010/Pinyin IME |
| 10 | Important | Elevation of Privilege | XP/Vista/7/8/RT/2003/2008/2010/ |
| 11 | Important | Elevation of Privilege | Windows 7/Server 2008 |
| 12 | Important | Information Disclosure | Front Page 2003 SP3 |
| 13 | Important | Denial of Service | XP/Vista/7/8/RT/2003/2008/2012/ |
| 14 | Important | Denial of Service | XP/Vista/7/8/RT/2003/2008/2012/ |
Looking at these Microsoft Patches, I would tend to most worried about the application level updates. It looks like Outlook and Excel are going to be updated. These patches will require some serious testing prior to deployment.
You can find out more from the Microsoft Advance Notification page for September 2013 here: https://technet.microsoft.com/en-us/security/bulletin/ms13-sep
No comments:
Post a Comment