Severity: : High
  Advisory Date: 09 de апреля de 2013

  DESCRIPTION

Microsoft addresses the following vulnerabilities in its April batch of patches:

  • (MS13-028) Cumulative Security Update for Internet Explorer (2817183)
    Risk Rating: Critical

    This patch addresses two vulnerabilities in Internet Explorer, the most severe of which may result to malware execution. Users may encounter this issue once they visit specific malicious website using Internet Explorer. Read more here.

  • (MS13-029) Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2828223)
    Risk Rating: Critical

    This security update addresses a reported vulnerability in Windows Remote Desktop Client that, if successfully exploited, may allow a remote attacker to execute a malware or gain same system privileges as affected user. Read more here.

  • (MS13-030) Vulnerability in SharePoint Could Allow Information Disclosure (2827663)
    Risk Rating: Important

    This security update addresses a vulnerability in Microsoft SharePoint Server that may lead to unwanted data exposure. However, an attacker may need Sharepoint site's authentication requests before exploiting this vulnerability. Read more here.

  • (MS13-031) Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2813170)
    Risk Rating: Important

    This security update resolves two vulnerabilities in Microsoft Windows that may give an attacker certain privileges. However, users must have login credentials to exploit these vulnerabilities. Read more here.

  • (MS13-032) Vulnerability in Active Directory Could Lead to Denial of Service (2830914)
    Risk Rating: Important

    This security update addresses a vulnerability in Active Directory, which may allow denial of service if attacker sends query to the Lightweight Directory Access Protocol (LDAP) service. Read more here.

  • (MS13-033) Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege (2820917)
    Risk Rating: Important

    This security update addresses a vulnerability in Windows XP, Vista, Server 2033 and Server 2008. Exploiting this vulnerability may allow attacker to gain certain privilege and run a malicious application. However, an attacker need valid logon credential to initiate this. Read more here.

  • (MS13-034) Vulnerability in Microsoft Antimalware Client Could Allow Elevation of Privilege (2823482)
    Risk Rating: Important

    This security update addresses a vulnerability in the Microsoft Antimalware Client, which could permit an attacker to gain certain privileges. Once done, an attacker can also execute malware and take hold of the vulnerable system. However, attacker must need valid logon credentials to initiate an attack.Read more here.

  • (MS13-035) Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2821818)
    Risk Rating: Important

    This security update addresses a vulnerability in Microsoft Office that may lead to an attacker gaining certain user privileges. Read more here.

  • (MS13-036) Vulnerabilities in Kernel-Mode Driver Could Allow Elevation Of Privilege (2829996)
    Risk Rating: Important

    This security update addresses three four vulnerabilities in Microsoft Office, in which the most severe of which may allow elevation of privilege. However, attacker must have valid logon credentials to execute this. Read more here.

  INFORMATION EXPOSURE

Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.
MS Bulletin ID Vulnerability ID DPI Rule Number DPI Rule Name Release Date IDF Compatibility
MS13-029 CVE-2013-1296 1005453 RDP ActiveX Control Remote Code Execution Vulnerability (CVE-2013-1296) 9-Apr-13 YES
MS13-032 CVE-2013-1282 1005455 Microsoft Active Directory Memory Consumption Vulnerability (CVE-2013-1282) 9-Apr-13 NO