May 2013 - Microsoft Releases 7 Security Advisories
DESCRIPTION
Microsoft addresses the following vulnerabilities in its May batch of patches:
- (MS13-037) Cumulative Security Update for Internet Explorer (2829530)
Risk Rating: Critical
This patch addresses eleven vulnerabilities found in Internet Explorer, which may lead to malware execution. Users may encounter this attack when visiting specific webpage using Internet Explorer. Exploiting this vulnerability can also give attacker same access right as current user.Read more here.
- (MS13-038) Security Update for Internet Explorer (2847204)
Risk Rating: Critical
This patch addresses one publicly disclosed vulnerability in Internet Explorer that may lead to remote code execution. Users may encounter this by visiting compromised webpage. Read more here.
- (MS13-039) Vulnerability in HTTP.sys Could Allow Denial of Service (2829254)
Risk Rating: Important
This patch addresses a security flaw found in Microsoft Windows. When exploited, this could lead to denial of service (DoS) attack. Read more here.
- (MS13-040) Vulnerabilities in .NET Framework Could Allow Spoofing (2836440)
Risk Rating: Important
This patch addresses two vulnerabilities in the .NET framework that may lead to spoofing once a .NET application receives a malicious XML file. Once exploit is successful, attacker could modify the content of .XML file and gain endpoint functions. Read more here.
- (MS13-041) Vulnerability in Lync Could Allow Remote Code Execution (2834695)
Risk Rating: Important
This patch addresses a vulnerability in Microsoft Lync that may allow an attacker to execute a malware. For attack to be successful, attacker must make a user accpet a Lync or Communicator invitation then share a malicious file or program disguised as a presentation in Lync of Communicator. Read more here.
- (MS13-042) Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2830397)
Risk Rating: Important
This patch addresses eleven vulnerabilities in Microsoft Office that could lead to users executing a malware. Users may encounter this via malware disguised as Publisher file and opening it using vulnerable Microsoft Publisher. Once done, attacker gains same user rights as the current user. Read more here.
- (MS13-043) Vulnerability in Microsoft Word Could Allow Remote Code Execution (2830399)
Risk Rating: Important
This patch addresses a vulnerability in Microsoft Office that could allow remote code execution once user opens a malware disguised as an email message. Once successful, users can gain the same access rights as current user. Read more here.
- (MS13-044) Vulnerability in Microsoft Word Could Allow Remote Code Execution (2830399)
Risk Rating: Important
This patch addresses a vulnerability in Microsoft Office that may lead to unwanted information disclosure by opening a specifically crafted Visio file. Read more here.
- (MS13-045) Vulnerability in Windows Essentials Could Allow Information Disclosure (2813707)
Risk Rating: Important
This patch addresses a vulnerability . Read more here.
- (MS13-046) Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege (2840221)
Risk Rating: Important
This patch addresses a vulnerability in Microsoft Windows that may lead to an attacker gaining elevation of privilege. To do this, an attacker must have valid logon credentials before exploiting this vulnerability locally. Read more here.
TREND MICRO PROTECTION INFORMATION
Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.
| MS Bulletin ID | Vulnerability ID | DPI Rule Number | DPI Rule Name | Release Date | IDF Compatibility |
| MS13-037 | CVE-2013-1297 | 1005499 | Microsoft Internet Explorer JSON Array Information Disclosure Vulnerability | 14-May-13 | YES |
| MS13-037 | CVE-2013-1307 | 1005501 | Internet Explorer Use After Free Vulnerability | 14-May-13 | YES |
| MS13-037 | CVE-2013-1308 | 1005502 | Internet Explorer Use After Free Vulnerability (CVE-2013-1308) | 14-May-13 | YES |
| MS13-037 | CVE-2013-1309 | 1005503 | Microsoft Internet Explorer Use After Free Vulnerability (CVE-2013-1309) | 14-MaY-13 | YES |
| MS13-037 | CVE-2013-1310 | 1005504 | Internet Explorer Use After Free Vulnerability (CVE-2013-1310) | 14-May-13 | YES |
| MS13-037 | CVE-2013-1311 | 1005505 | Internet Explorer Use After Free Vulnerability (CVE-2013-1311) | 12-Mar-13 | YES |
| MS13-037 | CVE-2013-1312 | 1005506 | Microsoft Internet Explorer Use After Free Vulnerability (CVE-2013-1312) | 14-MaY-13 | YES |
| MS13-037 | CVE-2013-2551 | 1005510 | Microsoft Internet Explorer Use After Free Vulnerability (CVE-2013-2551) | 14-May-13 | YES |
| MS13-038 | CVE-2013-1347 | 1005491 | Microsoft Internet Explorer Use-After-Free Remote Code Execution Vulnerability (CVE-2013-1347) | 14-May-13 | YES |
| MS13-039 | CVE-2013-1305 | 1005507 | HTTP.sys Denial Of Service Vulnerability (CVE-2013-1305) | 14-May-13 | NO |
| MS13-040 | CVE-2013-1336 | 1005508 | XML Digital Signature Spoofing Vulnerability (CVE-2013-1336) | 14-MaY-13 | YES |
| MS13-044 | CVE-2013-1301 | 10005498 | XML External Entities Resolution Vulnerability (CVE-2013-1301) | 14-May-13 | YES |