February 2013 - Microsoft Releases 12 Security Advisories

  Severity: HIGH
  Advisory Date: FEB 12, 2013

  DESCRIPTION

Microsoft addresses the following vulnerabilities in its February batch of patches:

  • (MS13-009) Cumulative Security Update for Internet Explorer (2792100)
    Risk Rating: Critical

    This patch addresses vulnerabilities in Internet Explorer, which can allow remote code execution when exploited thus compromising the security of the affected system. Any remote attacker can gain user rights as the current user once these vulnerabilities are exploited. This update covers 13 vulnerabilities. Read more here.

  • (MS13-010) Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2797052)
    Risk Rating: Critical

    This patch addresses a vulnerability found in Microsoft implementation of Vector Markup Language (VML). It can allow remote code execution once usersview a webpage via Internet Explorer. Read more here.

  • (MS13-011) Vulnerability in Media Decompression Could Allow Remote Code Execution (2780091)
    Risk Rating: Critical

    This patch addresses a vulnerability found in Microsoft Windows. Once an affected user opens a specially crated media file and a Microsoft Office document with a specially crafted embedded media file, it could lead to remote code execution thus compromising the security of the system. Read more here.

  • (MS13-012) Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2809279)
    Risk Rating: Critical

    This patch addresses vulnerabilities found in Microsoft Exchange Server. One of the vulnerabilities, which exists in Microsoft Exchange Server WebReady Document Viewing can allow remote code execution in relation to transcoding service on the Exchange server once affected users user previews a specially crafted file via Outlook Web App (OWA). Read more here.

  • (MS13-013) Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution (2784242)
    Risk Rating: Important

    This patch addresses vulnerabilities found in Microsoft FAST Search Server 2010 for SharePoint. The said vulnerabilities could potentially lead to remote execution. Accordingly, FAST Search Server for SharePoint is affected by this once Advanced Filter Pack is enabled.

    Read more here.

  • (MS13-014) Vulnerability in NFS Server Could Allow Denial of Service (2790978)
    Risk Rating: Important

    This patch addresses a vulnerability in Microsoft Windows, which can allow denial of service when exploited sucessfully. In addition, any remote attacker who successfully exploits this vulnerability can cause the infected system to restart or stop responding.

    Read more here.

  • (MS13-015) Vulnerability in .NET Framework Could Allow Elevation of Privilege (2800277)
    Risk Rating: Important

    This patch addresses a vulnerability found in the .NET Framework. Once users view a specially crafted webpage via a web browser running in XAML Browser Applications, it can allow elevation of privilege. Furthermore, this vulnerability can be leveraged by Windows .NET applications to bypass Code Access Security (CAS) restrictions.

    Read more here.

  • (MS13-016) Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2778344)
    Risk Rating: Important

    This patch addresses 30 vulnerabilities found in Microsoft Windows, which can result to elevation of privilege once a remote attacker logs on the affected system and execute a specially crafted application.

    Read more here.

  • (MS13-017) Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2799494)
    Risk Rating: Important

    This patch addresses vulnerabilities in Microsoft Windows, which can allow elevation of privilege once an attacker logs and runs a specially crafted application. Note, however that for a remote attacker to exploit this, he must be able to log on locally.

    Read more here.

  • (MS13-018) Vulnerability in TCP/IP Could Allow Denial of Service (2790655)
    Risk Rating: Important

    This patch addresses a vulnerability found in Microsoft Windows, which could allow denial of service if a remote attacker sends a specially crafted connection termination packet to effectively compromise the system.

    Read more here.

  • (MS13-019) Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege (2790113)
    Risk Rating: Important

    Read more here.

    This patch addresses a vulnerability found in Microsoft Windows, which could allow elevation of privilege once a remote attacker logs and runs a specially crafted application on the system. Note, however that remote attackers need to log on locally to be able to exploit this.

  • (MS13-020) Vulnerability in OLE Automation Could Allow Remote Code Execution (2802968)
    Risk Rating: Critical

    This patch addresses a vulnerability in Microsoft Windows Object Linking and Embedding (OLE) Automation, which can allow remote code execution when users open a specially crafted file.

    Read more here.

  TREND MICRO PROTECTION INFORMATION

Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.

MS Bulletin ID Vulnerability ID DPI Rule Number DPI Rule Name Release Date IDF Compatibility
MS13-009 CVE-2013-0015 1005364 Internet Explorer Shift JIS Character Encoding Vulnerability (CVE-2013-0015) 12-Feb-13 YES
CVE-2013-0018 1005365 Microsoft Internet Explorer SetCapture Use After Free Vulnerability (CVE-2013-0018) 12-Feb-13 YES
CVE-2013-0019 1005366 Microsoft Internet Explorer COMWindowProxy Use After Free Vulnerability (CVE-2013-0019 12-Feb-13 YES
CVE-2013-0020 1005367 Microsoft Internet Explorer CMarkup Use After Free Vulnerability (CVE-2013-0020) 12-Feb-13 YES
CVE-2013-0021 1005368 Microsoft Internet Explorer vtable Use After Free Vulnerability (CVE-2013-0021) 12-Feb-13 YES
CVE-2013-0022 1005369 Microsoft Internet Explorer LsGetTrailInfo Use After Free Vulnerability (CVE-2013-0022) 12-Feb-13 YES
CVE-2013-0023 1005370 Internet Explorer CDispNode Use After Free Vulnerability (CVE-2013-0023) 12-Feb-13 YES
CVE-2013-0024 1005371 Internet Explorer pasteHTML Use After Free Vulnerability (CVE-2013-0024) 12-Feb-13 YES
CVE-2013-0025 1005372 Internet Explorer SLayoutRun Use After Free Vulnerability (CVE-2013-0025) 12-Feb-13 YES
CVE-2013-0026 1005373 Internet Explorer InsertElement Use After Free Vulnerability (CVE-2013-0026) 12-Feb-13 YES
CVE-2013-0027 1005374 Internet Explorer CPasteCommand Use After Free Vulnerability (CVE-2013-0027) 12-Feb-13 YES
CVE-2013-0028 1005375 Internet Explorer CObjectElement Use After Free Vulnerability (CVE-2013-0028) 12-Feb-13 YES
CVE-2013-0029 1005376 Internet Explorer CHTML Use After Free Vulnerability (CVE-2013-0029) 12-Feb-13 YES
MS13-010 CVE-2013-0030 1005377 VML Memory Corruption Vulnerability (CVE-2013-0030) 12-Feb-13 YES
MS13-015 CVE-2013-0073 1005384 Identified Download Of XBAP File Over HTTP 12-Feb-13 YES
MS13-020 CVE-2013-1313 1005382 Microsoft Office Common Controls Remote Code Execution Vulnerability (CVE-2013-1313) 12-Feb-13 YES
CVE-2013-1313 1005381 Common Controls Remote Code Execution Vulnerability (CVE-2013-1313) 12-Feb-13 YES
CVE-2013-1313 1005152 Restrict Microsoft Windows TabStrip ActiveX Control 14-Aug-12 YES

  OTHER INFORMATION

Featured Stories