Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
- https://technet.micr...lletin/ms13-jul
July 09, 2013 - "This bulletin summary lists security bulletins released for July 2013...
(Total of -7-)
Microsoft Security Bulletin MS13-052 - Critical
Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution (2861561)
- https://technet.micr...lletin/ms13-052
Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft .NET Framework, Microsoft Silverlight
Microsoft Security Bulletin MS13-053 - Critical
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2850851)
- https://technet.micr...lletin/ms13-053
Critical - Remote Code Execution - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS13-054 - Critical
Vulnerability in GDI+ Could Allow Remote Code Execution (2848295)
- https://technet.micr...lletin/ms13-054
Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft Office, Microsoft Visual Studio, Microsoft Lync
Microsoft Security Bulletin MS13-055 - Critical
Cumulative Security Update for Internet Explorer (2846071)
- https://technet.micr...lletin/ms13-055
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
V1.1 (July 9, 2013): Bulletin revised to announce that Microsoft is aware of targeted attacks attempting to exploit the vulnerability described in CVE-2013-3163 through Internet Explorer 8. Applying this security update protects customers from exploitation of this vulnerability.
- https://atlas.arbor..../index#31300424
High Severity
July 11, 2013
A 0day Internet Explorer exploit has been used in one or more targeted attack campaigns. Microsoft is aware of the issue but patching has yet to take place, leaving a window of vulnerability now that the issue is more well known.
Analysis: It is impossible to avoid all 0day attacks because by their very nature, few will know of the vulnerability. It's not secret that nation-states, security contractors and intelligence agencies have access to many vulnerabilities that are developed in-house or are part of covert markets. Despite this persistent problem with an unknown attack surface, reduction of attack surface is key, along with robust monitoring of resources of value for indicators of compromise. On the host side, Microsofts EMET technology stymies this particular exploit, although in general EMET can be evaded. Despite it's weaknesses, EMET is an extra layer of defense and it's low deployment likely means that some attackers will be less likely to attempt to bypass it's defenses. In the meanwhile, indicators from this particular attack can be useful to help determine if your organization has been targeted.
Source: http://blogs.technet...or-so-long.aspx
10 Jul 2013 - "... addressed by yesterday’s Microsoft Security Bulletin MS13-055. If you have not yet updated, please do so at the earliest possible..."
Microsoft Security Bulletin MS13-056 - Critical
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (2845187)
- https://technet.micr...lletin/ms13-056
Critical - Remote Code Execution - May require restart - Microsoft Windows
Microsoft Security Bulletin MS13-057 - Critical
Vulnerability in Windows Media Format Runtime Could Allow Remote Code Execution (2847883)
- https://technet.micr...lletin/ms13-057
Critical - Remote Code Execution - May require restart - Microsoft Windows
Microsoft Security Bulletin MS13-058 - Important
Vulnerability in Windows Defender Could Allow Elevation of Privilege (2847927)
- https://technet.micr...lletin/ms13-058
Important - Elevation of Privilege - Does not require restart - Microsoft Security Software
___
- http://blogs.technet...Redirected=true
9 Jul 2013
Bulletin Deployment Priority
- https://blogs.techne...uly-2013-DP.png
Severity and Exploitability Index
- https://blogs.techne...13-Severity.png
___
- https://secunia.com/advisories/54025/ - MS13-052
- https://secunia.com/advisories/53435/ - MS13-053
- https://secunia.com/advisories/54057/ - MS13-054
- https://secunia.com/advisories/54060/ - MS13-055
- https://secunia.com/advisories/54061/ - MS13-056
- https://secunia.com/advisories/54062/ - MS13-057
- https://secunia.com/advisories/54063/ - MS13-058
___
ISC Analysis
- https://isc.sans.edu...l?storyid=16126
Last Updated: 2013-07-09 18:22:06 UTC... (Version: 2)
- https://atlas.arbor....ndex#-271320476
Extreme Severity
July 11, 2013 21:27
Microsoft and Adobe release critical updates. There are apparently two in-the-wild exploits for Microsoft vulnerabilities that are patched herein, so quick deployment is important.
Analysis: One of the Microsoft security holes was disclosed to the public via sharing of exploit code. This has unsurprisingly resulted in the vulnerability being exploited in the wild. There is additional evidence to suggest another one of the vulnerabilities is also being exploited, and details are emergent. No known attacks are taking advantage of the security holes patched by Adobe, however it is always likely that resourceful attackers have known of at least some of these vulnerabilities and have used them in targeted attacks.
Source: https://krebsonsecur...itical-updates/
___
July 2013 Office Update Release
- https://blogs.techne...Redirected=true
9 Jul 2013
___
- https://www.computer...crosoft_Windows
July 9, 2013 - "... 17 of the 34 vulnerabilities covered in the bulletins address IE..."
- http://www.securityt....com/id/1028745
CVE Reference: CVE-2013-3115, CVE-2013-3143, CVE-2013-3144, CVE-2013-3145, CVE-2013-3146, CVE-2013-3147, CVE-2013-3148, CVE-2013-3149, CVE-2013-3150, CVE-2013-3151, CVE-2013-3152, CVE-2013-3153, CVE-2013-3161, CVE-2013-3162, CVE-2013-3163, CVE-2013-3164, CVE-2013-3166
Jul 9 2013
Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 6, 7, 8, 9, 10 ...
Microsoft Security Advisory (2755801)
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
- http://technet.micro...dvisory/2755801
V14.0 (July 9, 2013): Added the 2857645 update to the Current Update section.
Current Update: On July 9, 2013, Microsoft released an update (2857645) for all supported editions of Windows 8, Windows Server 2012, and Windows RT. The update addresses the vulnerabilities described in Adobe Security bulletin APSB13-17*. For more information about this update, including download links, see Microsoft Knowledge Base Article 2857645**. Note: The update for Windows RT is available via Windows Update only. The 2857645 update is also available for Internet Explorer 11 Preview in Windows 8.1 Preview and Windows 8.1 RT Preview releases. The update is available via Windows Update.
* http://www.adobe.com.../apsb13-17.html
CVE-2013-3344, CVE-2013-3345, CVE-2013-3347
Flash Player in Internet Explorer 10
** http://support.micro....com/kb/2857645
July 9, 2013
___
MSRT
- https://support.micr...om/?kbid=890830
Last Review: July 9, 2013 - Revision: 124.0
- http://www.microsoft...e-families.aspx
"... list includes every major virus and worm family the tool provides detection and cleaning capabilities for since its initial release on January 11, 2005..."
Download:
- https://www.microsof...ol-details.aspx
Windows-KB890830-V5.2.exe
Windows Malicious Software Removal Tool x64:
Windows-KB890830-x64-V5.2.exe
.
Edited by AplusWebMaster, 12 July 2013 - 05:34 AM.
