Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93112 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

MS Security Bulletin Summary - April 2013

Started by AplusWebMaster , Apr 09 2013 11:28 AM

  • Please log in to reply
3 replies to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 09 April 2013 - 11:28 AM

FYI...

- https://technet.micr...lletin/ms13-apr
April 09, 2013 - "This bulletin summary lists security bulletins released for April 2013...
(Total of -9-)

Microsoft Security Bulletin MS13-028 - Critical
Cumulative Security Update for Internet Explorer (2817183)
- https://technet.micr...lletin/ms13-028
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS13-029 - Critical
Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2828223)
- https://technet.micr...lletin/ms13-029
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS13-030 - Important
Vulnerability in SharePoint Could Allow Information Disclosure (2827663)
- https://technet.micr...lletin/ms13-030
Important - Information Disclosure - May require restart - Microsoft Office, Microsoft Server Software

Microsoft Security Bulletin MS13-031 - Important
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2813170)
- https://technet.micr...lletin/ms13-031
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS13-032 - Important
Vulnerability in Active Directory Could Lead to Denial of Service (2830914)
- https://technet.micr...lletin/ms13-032
Important - Denial of Service - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS13-033 - Important
Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege (2820917)
- https://technet.micr...lletin/ms13-033
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS13-034 - Important
Vulnerability in Microsoft Antimalware Client Could Allow Elevation of Privilege (2823482)
- http://technet.micro...lletin/ms13-034
Important - Elevation of Privilege - Requires restart - Microsoft Security Software

Microsoft Security Bulletin MS13-035 - Important
Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2821818)
- https://technet.micr...lletin/ms13-035
Important - Elevation of Privilege - May require restart - Microsoft Office, Microsoft Server Software

Microsoft Security Bulletin MS13-036 - Important
Vulnerabilities in Kernel-Mode Driver Could Allow Elevation Of Privilege (2829996)
- https://technet.micr...lletin/ms13-036
Important - Elevation of Privilege - Requires restart - Microsoft Windows
V2.0 (April 11, 2013): Added links to Microsoft Knowledge Base Article 2823324 and Microsoft Knowledge Base Article 2839011 under Known Issues. Removed Download Center links for Microsoft security update 2823324. Microsoft recommends that customers uninstall this update. See the Update FAQ for details.

MS13-036: Description of the security update for the Windows file system kernel-mode driver (ntfs.sys):
* http://support.micro...b/2823324/en-us
Last Review: April 11, 2013 - Revision: 2.1 - See: "Known issues with this security update... Microsoft recommends that customers -uninstall- this update..."

MS13-036: Description of the security update for the Windows kernel-mode driver (win32k.sys)
- http://support.micro...b;en-us;2808735
Last Review: April 9, 2013 - Revision: 1.0 - "Known issues with this security update: After you install this security update, certain Multiple Master fonts cannot be installed..."
___

Bulletin Deployment Priority
- https://blogs.techne...2D00_Slide2.PNG

Severity and Exploitability Index
- https://blogs.techne...2D00_Slide1.PNG

- http://blogs.technet...Redirected=true

- http://blogs.technet...Redirected=true
9 Apr 2013 - "... nine security bulletins addressing 13 CVE’s..."
___

ISC Analysis
- https://isc.sans.edu...l?storyid=15577
Last Updated: 2013-04-09 17:59:33 UTC
___

- https://secunia.com/advisories/52874/ - MS13-028
- https://secunia.com/advisories/52911/ - MS13-029
- https://secunia.com/advisories/52914/ - MS13-030
- https://secunia.com/advisories/52916/ - MS13-031
- https://secunia.com/advisories/52917/ - MS13-032
- https://secunia.com/advisories/52919/ - MS13-033
- https://secunia.com/advisories/52921/ - MS13-034
- https://secunia.com/advisories/52928/ - MS13-035
- https://secunia.com/advisories/52930/ - MS13-036
___

MSRT
- https://support.micr...om/?kbid=890830
Last Review: April 9, 2013 - Revision: 121.0

- http://www.microsoft...e-families.aspx
"... added in this release...
• Babonock
• Redyms
• Vesenlosow..."

- https://blogs.techne...Redirected=true

Download:
- https://www.microsof...i...ng=en&id=16
File Name: Windows-KB890830-V4.19.exe - 18.7 MB
- https://www.microsof...ls.aspx?id=9905
x64 version of MSRT:
File Name: Windows-KB890830-x64-V4.19.exe - 19.4 MB

.

Edited by AplusWebMaster, 17 April 2013 - 04:41 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

    Advertisements

Register to Remove

#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 11 April 2013 - 11:44 AM

FYI...

MS13-036 problems - KB2823324 / KB2829996
- https://isc.sans.edu...l?storyid=15593
Last Updated: 2013-04-11 02:13:03 UTC

- https://isc.sans.edu...s/15593#comment
Date: Wed, 10 Apr 2013 14:53:23 -0700
From: Susan Bradley - patchmanagement.org
Subject: MS13-036 / KB2829996
Getting early unconfirmed reports in Brazil that MS13-036 / KB2829996 MS13-036 is causing system hangs that require replacing ntfs.sys to get the machines up and running again so they can perform a system restore...
___

Stop 0xc000000e startup error in Windows 7 after you install security update 2823324*
- https://support.micr....com/kb/2839011
Last Review: April 12, 2013 - Revision: 2.0
"Microsoft is investigating behavior wherein systems may not recover from a restart or applications cannot load after security update 2823324 is applied. We recommend that customers uninstall this update. As an added precaution, Microsoft has removed the download links to the 2823324 update while we investigate..."

MS13-036: Description of the security update for the Windows file system kernel-mode driver (ntfs.sys):
* http://support.micro...b/2823324/en-us
Last Review: April 12, 2013 - Revision: 2.2 - See: "Known issues with this security update..."

- https://blogs.techne...Redirected=true
MSRCTeam | 11 Apr 2013 7:10 PM

:ph34r: :(

Edited by AplusWebMaster, 12 April 2013 - 04:55 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#3 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 18 April 2013 - 04:05 AM

FYI...

Repair Disk for KB2823324 and KB2782476 (KB2840165)
To help customers who are experiencing difficulties restarting their systems after installation of security update 2823324
- https://www.microsof...s.aspx?id=38435
4/17/2013

Thanks to Susan Bradley for posting it @ patchmanagement.org

:ph34r:

Edited by AplusWebMaster, 18 April 2013 - 04:42 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#4 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 23 April 2013 - 06:39 PM

FYI...

Microsoft Security Bulletin MS13-036 - Important
Vulnerabilities in Kernel-Mode Driver Could Allow Elevation Of Privilege (2829996)
- http://technet.micro...lletin/ms13-036
V3.0 (April 23, 2013): Rereleased bulletin to replace the 2823324 update with the 2840149 update for NTFS.sys when installed on supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. See the Update FAQ* for details.
* "To address known issues with security update 2823324, Microsoft rereleased bulletin MS13-036 to replace the 2823324 update with the 2840149 update for NTFS.sys when installed on all affected versions of Microsoft Windows. Security update 2823324 was expired on April 11, 2013. Microsoft strongly recommends that customers with the 2823324 update still installed should -uninstall- the update prior to applying the 2840149 update*. All customers should apply the 2840149 update, which replaces the expired 2823324 update."
** http://support.micro....com/kb/2840149

- https://blogs.techne...Redirected=true
23 Apr 2013
___

- http://technet.micro...lletin/ms13-036
Updated: Wednesday, April 24, 2013
Revisions:
• V1.0 (April 9, 2013): Bulletin published.
• V2.0 (April 11, 2013): Added links to Microsoft Knowledge Base Article 2823324 and Microsoft Knowledge Base Article 2839011 under Known Issues. Removed Download Center links for Microsoft security update 2823324. Microsoft recommends that customers uninstall this update. See the Update FAQ for details.
• V2.1 (April 17, 2013): Added FAQs to provide additional guidance for customers who are having difficulties restarting their systems after installing security update 2823324. See the Update FAQ for details.
• V3.0 (April 23, 2013): Rereleased bulletin to replace the 2823324 update with the 2840149 update for NTFS.sys when installed on supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. See the Update FAQ for details.
• V3.1 (April 24, 2013): Corrected KB article hyperlink and incorrect KB numbers for Windows 7 for x64-based Systems and Windows Server 2008 R2 for Itanium-based Systems in the Affected Software table. These are informational changes only.

- https://windowssecre...ur-docs/#story6
April 24, 2013
MS13-036 (2808735, 2823324, 2840149)
> A Windows kernel update causes havoc for some
... recommend keeping KB 2808735, also included in MS13-036, on hold, too ..."

:ph34r:

Edited by AplusWebMaster, 02 May 2013 - 07:07 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

Related Topics

Back to Archive Old Updates · Next Unread Topic →

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. What the Tech
  2. Discussion
  3. Updates To Software
  4. Archive Old Updates
  5. Privacy Policy
  6. Terms of Use ·