09 APR 2013
Microsoft addresses the following vulnerabilities in its April batch of patches:
This patch addresses two vulnerabilities in Internet Explorer, the most severe of which may result to malware execution. Users may encounter this issue once they visit specific malicious website using Internet Explorer. Read more here.
This security update addresses a reported vulnerability in Windows Remote Desktop Client that, if successfully exploited, may allow a remote attacker to execute a malware or gain same system privileges as affected user. Read more here.
This security update addresses a vulnerability in Microsoft SharePoint Server that may lead to unwanted data exposure. However, an attacker may need Sharepoint site's authentication requests before exploiting this vulnerability. Read more here.
This security update resolves two vulnerabilities in Microsoft Windows that may give an attacker certain privileges. However, users must have login credentials to exploit these vulnerabilities. Read more here.
This security update addresses a vulnerability in Active Directory, which may allow denial of service if attacker sends query to the Lightweight Directory Access Protocol (LDAP) service. Read more here.
This security update addresses a vulnerability in Windows XP, Vista, Server 2033 and Server 2008. Exploiting this vulnerability may allow attacker to gain certain privilege and run a malicious application. However, an attacker need valid logon credential to initiate this. Read more here.
This security update addresses a vulnerability in the Microsoft Antimalware Client, which could permit an attacker to gain certain privileges. Once done, an attacker can also execute malware and take hold of the vulnerable system. However, attacker must need valid logon credentials to initiate an attack.Read more here.
This security update addresses a vulnerability in Microsoft Office that may lead to an attacker gaining certain user privileges. Read more here.
This security update addresses three four vulnerabilities in Microsoft Office, in which the most severe of which may allow elevation of privilege. However, attacker must have valid logon credentials to execute this. Read more here.
|MS Bulletin ID||Vulnerability ID||DPI Rule Number||DPI Rule Name||Release Date||IDF Compatibility|
|MS13-029||CVE-2013-1296||1005453||RDP ActiveX Control Remote Code Execution Vulnerability (CVE-2013-1296)||9-Apr-13||YES|
|MS13-032||CVE-2013-1282||1005455||Microsoft Active Directory Memory Consumption Vulnerability (CVE-2013-1282)||9-Apr-13||NO|