MS Security Bulletin Summary - September 2013



#1 AplusWebMaster


Posted 10 September 2013 - 11:44 AM

FYI...

- https://technet.micr...lletin/ms13-sep
Sep 10, 2013 - "This bulletin summary lists security bulletins released for September 2013...
(Total of 13*)

* http://blogs.technet...Redirected=true
10 Sep 2013 - "... This month we released 13 bulletins – four Critical and nine Important – which addressed 47 unique CVEs in Microsoft Windows, Office, Internet Explorer and SharePoint..."

Microsoft Security Bulletin MS13-067 - Critical
Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2834052)
- http://technet.micro...lletin/ms13-067
Critical - Remote Code Execution - May require restart - Microsoft Office, Microsoft Server Software
V1.2 (September 13, 2013): Revised bulletin to announce a detection change for the Excel Services on Microsoft SharePoint Server 2007 update (2760589). This is a detection change only. There were no changes to the update files. Customers who have successfully installed the update do not need to take any action.

Microsoft Security Bulletin MS13-068 - Critical
Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (2756473)
- http://technet.micro...lletin/ms13-068
Critical - Remote Code Execution - May require restart - Microsoft Office

Microsoft Security Bulletin MS13-069 - Critical
Cumulative Security Update for Internet Explorer (2870699)
- https://technet.micr...lletin/ms13-069
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS13-070 - Critical
Vulnerability in OLE Could Allow Remote Code Execution (2876217)
- https://technet.micr...lletin/ms13-070
Critical - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS13-071 - Important
Vulnerability in Windows Theme File Could Allow Remote Code Execution (2864063)
- https://technet.micr...lletin/ms13-071
Important - Remote Code Execution - May require restart - Microsoft Windows

Microsoft Security Bulletin MS13-072 - Important
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2845537)
- https://technet.micr...lletin/ms13-072
Important - Remote Code Execution - May require restart - Microsoft Office
V1.1 (September 13, 2013): Revised bulletin to announce detection changes for the Microsoft Office 2007 update (2760411) and the Microsoft Word 2010 update (2767913). These are detection changes only. There were no changes to the update files. Customers who have successfully installed the updates do not need to take any action. Also updated the Known Issues entry in the Knowledge Base Article section from "Yes" to "None".

Microsoft Security Bulletin MS13-073 - Important
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2858300)
- http://technet.micro...lletin/ms13-073
Important - Remote Code Execution - May require restart - Microsoft Office
V1.1 (September 13, 2013): Revised bulletin to announce detection changes for the Microsoft Excel 2003 update (2810048), Microsoft Excel 2007 update (2760583), Microsoft Excel Viewer update (2760590), and Microsoft Office Compatibility Pack update (2760588). These are detection changes only. There were no changes to the update files. Customers who have successfully installed the updates do not need to take any action. Also updated the Known Issues entry in the Knowledge Base Article section from "Yes" to "None".

Microsoft Security Bulletin MS13-074 - Important
Vulnerabilities in Microsoft Access Could Allow Remote Code Execution (2848637)
- http://technet.micro...lletin/ms13-074
Important - Remote Code Execution - May require restart - Microsoft Office
V1.1 (September 13, 2013): Revised bulletin to announce a detection change for the Microsoft Access 2013 (64-bit editions) update (2810009). This is a detection change only. There were no changes to the update files. Customers who have successfully installed the update do not need to take any action.

Microsoft Security Bulletin MS13-075 - Important
Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2878687)
- http://technet.micro...lletin/ms13-075
Important - Elevation of Privilege - May require restart - Microsoft Office

Microsoft Security Bulletin MS13-076 - Important
Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation of Privilege (2876315)
- http://technet.micro...lletin/ms13-076
Important - Elevation of Privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS13-077 - Important
Vulnerability in Windows Service Control Manager Could Allow Elevation of Privilege (2872339)
- http://technet.micro...lletin/ms13-077
Important - Elevation of Privilege - Requires restart - Microsoft Windows
V1.1 (September 11, 2013): Updated the Known Issues entry in the Knowledge Base Article section from "None" to "Yes".

Microsoft Security Bulletin MS13-078 - Important
Vulnerability in FrontPage Could Allow Information Disclosure (2825621)
- http://technet.micro...lletin/ms13-078
Important - Information Disclosure - May require restart - Microsoft Office

Microsoft Security Bulletin MS13-079 - Important
Vulnerability in Active Directory Could Allow Denial of Service (2853587)
- http://technet.micro...lletin/ms13-079
Important - Denial of Service - May require restart - Microsoft Windows
___

- http://blogs.technet...Redirected=true
10 Sep 2013

Bulletin Deployment Priority
- https://blogs.techne...13.DP-Slide.PNG

Severity and Exploitability Index
- https://blogs.techne...erity-Slide.PNG
___

- https://secunia.com/advisories/54741/ - MS13-067
- https://secunia.com/advisories/54729/ - MS13-068
- https://secunia.com/advisories/54725/ - MS13-069
- https://secunia.com/advisories/54735/ - MS13-070
- https://secunia.com/advisories/54736/ - MS13-071
- https://secunia.com/advisories/54737/ - MS13-072
- https://secunia.com/advisories/54739/ - MS13-073
- https://secunia.com/advisories/51856/ - MS13-074
- https://secunia.com/advisories/54742/ - MS13-075
- https://secunia.com/advisories/54743/ - MS13-076
- https://secunia.com/advisories/54745/ - MS13-077
- https://secunia.com/advisories/54747/ - MS13-078
- https://secunia.com/advisories/54750/ - MS13-079
___

ISC Analysis
- https://isc.sans.edu...l?storyid=16538
Last Updated: 2013-09-10 18:24:55 UTC ...(Version: 1)

.

Edited by AplusWebMaster, 13 September 2013 - 03:58 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.



#2 AplusWebMaster


Posted 11 September 2013 - 11:53 AM

FYI...

MS botches still more patches in latest Automatic Update
... the day after Black Tuesday. Watch out for automatic patches KB 2817630, KB 2810009, KB 2760411, KB 2760588, and KB 2760583
- http://www.infoworld...c-update-226594
Sep 11, 2013 - "No sooner did Microsoft release the latest round of Black Tuesday patches, than screams of agony began sounding all over the Internet. At this point, I've seen -verified- problems with KB 2817630, KB 2810009, KB 2760411, KB 2760588, and KB 2760583... No guidance for handling the problem is on offer in the usual forums, because the people moderating the forums haven't a clue what went wrong and Microsoft isn't saying a thing..."

:ph34r: :ph34r:



#3 AplusWebMaster


Posted 11 September 2013 - 08:10 PM

FYI...

Outlook 2013 Folder Pane Disappears After Installing September 2013 Public Update
- https://blogs.techne...Redirected=true
11 Sep 2013 - "Shortly after publishing the September Public Update, we received notifications of a potential issue with Outlook 2013 after installing the non-security update KB2817630. Based on those reports we immediately removed the patch from Microsoft Update. If you haven’t already downloaded or installed the patch, you will not have these problems or be offered the problematic patch. In contrast to what has been reported, MS13-068 is not the cause nor is it affected by this issue...
Due to a version incompatibility between outlook.exe and mso.dll, a mismatched reference to a data structure causes the “Minimize” button in the navigation pane to render incorrectly, typically extremely large to the point that the navigation pane is "invisible" to the user. The issue only manifests when incompatible versions of outlook.exe and mso.dll exist on the system...
Two updates can get a user into this state. Installing the September Public Update delivers an updated version of mso.dll without updating outlook.exe, resulting in the incorrect user interface.
• If you have Automatic Updates enabled, visit the Add Remove Programs feature of your Windows Installation, and uninstall KB2817630. Close Outlook and restart.
• If you have installed the August Cumulative update (which you must do manually), removing KB2817347 will correct the issue. From the Add Remove Programs feature, select KB2817347 from the list and select “Uninstall.” Close Outlook and restart.
• If you have BOTH Updates installed, the problem is not evident. The issue only manifests when one of the updates has been installed. If you have updated to the September Public Update and you want to roll forward, install the August Cumulative update, KB2817347.
We are also working on re-publishing the September Public Update with the correct versions of both mso.dll and outlook.exe to ensure users with automatic updates enabled will receive the correct fix..."
___

Superseded by:
- http://blogs.technet...s-and-sccm.aspx
Dated 12 Sep 2013, which in reality did not get the revisions released until 13 Sep 2013...

:ph34r: :ph34r:

Edited by AplusWebMaster, 14 September 2013 - 04:37 AM.



#4 AplusWebMaster


Posted 12 September 2013 - 07:14 AM

FYI...

Reboot Wednesday: Yesterday's Patch Tuesday Aftermath
- https://isc.sans.edu...Aftermath/16556
Comments: 15 hours ago ... [Susan Bradley]

"KB2810009 users are reporting error 80242009 upon install see:
http://social.techne...kb2810009-issue

Next: Office 2007 updates:
1.Security Fixes MS13-072 and MS13-073 MS13-074
KB2760411
KB2760588
KB2760583
http://answers.micro...n=1378836774249

Two security updates released yesterday MS13-072, MS13-073 and MS13-074. These are installing fine but if you scan the machine again for updates, show up again and again and again. Currently there is -no- fix available for these other than to say that the update is applied but it is not getting properly detected. The product group is aware of the issues and are working on it.

Outlook 2013 - see http://blogs.technet...lic-update.aspx "
___

- https://windowssecre...eptember-fixes/
Sep 11, 2013
___

MS13-073: Description of the security update for Microsoft Office Excel 2007 ...
- http://support.micro...b/2760583/en-us
Last Review: September 13, 2013 - Revision: 4.0
"... Known issues with this update: Customers may have been repeatedly offered this update even though it was already installed. Note: This issue is resolved by a detection change released September 13, 2013. This change did not affect the updated files. This change only affects the way that we offer the updates to customers..."

:ph34r: :ph34r:

Edited by AplusWebMaster, 14 September 2013 - 04:16 AM.



#5 AplusWebMaster


Posted 13 September 2013 - 08:40 AM

FYI...

MS pulls botched KB 2871630 - many Office patch problems remain
- http://www.infoworld...s-remain-226690
Sep 12, 2013 - "... KB 2871630, the one that caused the folder list in Outlook 2013 to disappear - was pulled early Wednesday morning...
While KB 2876130 is reined in for the moment, a whole slew of this month's patches are still causing problems on some machines:
• Two Office 2007 security updates - MS13-072 / KB2760411 and KB2760588 - and one Excel 2007 security update - MS13-073 / KB2760583 - are installing over and over again... The KB articles now say, "You may be repeatedly offered this update even though it is already installed. Microsoft is researching this problem and will post more information in this article when the information becomes available." At this point there's no additional information.
• The MS13-073 / KB 2810048 security patch for Excel 2003 installs over and over again. Two Answers forum threads in English - as well as several in other languages - have more than a hundred entries...
• The installer for the MS13-074 / KB 2810009 security patch for Access 2013 is failing with an error code 80242009... As of 11:00 p.m. Thursday, the TechNet MS13-074 article says "Known issues: None"
• The MS13-068 / KB 2794707 Outlook 2010 security patch is throwing off an error that looks just like the problem Microsoft encountered with Outlook in the Office 2010 SP 2 update, where the Calendar Folder property is empty. I've been told that Microsoft considers the problem to be "cosmetic" and it's relegated to "won't fix" status..."
___

MS13-072
- http://support.micro....com/kb/2760411
"Known issues with this update: Note The following issue is resolved by a detection change released September 13, 2013... Customers may have been repeatedly offered this update even though it was already installed."
Last Review: September 13, 2013 - Revision: 4.0
Applies to:
Microsoft Office Basic 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007 Home Use Program
Microsoft Office Home and Student 2007
Microsoft Office Professional 2007
Microsoft Office Professional Plus 2007
Microsoft Office Small Business 2007
Microsoft Office Standard 2007

MS13-073
- http://support.micro....com/kb/2760583
"Known issues with this update: Note The following issue is resolved by a detection change released September 13, 2013... Customers may have been repeatedly offered this update even though it was already installed."
Last Review: September 13, 2013 - Revision: 4.0
Applies to:
Microsoft Office Excel 2007
Microsoft Office Excel 2007 (Home and Student version)

MS13-073
- http://support.micro....com/kb/2760588
"Known issues with this update: Note The following issue is resolved by a detection change released September 13, 2013... Customers may have been repeatedly offered this update even though it was already installed."
Last Review: September 13, 2013 - Revision: 4.0
Applies to:
Microsoft Office Excel 2007
Microsoft Office Excel 2007 (Home and Student version)

MS13-073
- http://support.micro....com/kb/2810048
"Known issues with this update: Note The following issue is resolved by a detection change released September 13, 2013... Customers may have been repeatedly offered this update even though it was already installed."
Last Review: September 13, 2013 - Revision: 3.0
Applies to:
Microsoft Office 2003 Service Pack 3, when used with:
Microsoft Office Excel 2003

MS13-074
- http://support.micro....com/kb/2810009
"Known issues with this update: Note The following issue is resolved by a detection change released September 13, 2013... Customers may have been repeatedly offered this update even though it was already installed."
Last Review: September 13, 2013 - Revision: 4.0
Applies to:
Microsoft Access 2013

:ph34r: :ph34r: :(

Edited by AplusWebMaster, 14 September 2013 - 02:51 AM.



#6 AplusWebMaster


Posted 20 September 2013 - 03:43 AM

FYI...

- http://www.infoworld...-fiascos-227220
Sep 20, 2013 - "This month's Black Tuesday - Sept. 10, 2013 - enters the record books as Microsoft's most patch-botching month in history... The release dilemma is quite straightforward: Microsoft has to test the patches without letting them leak to the bad guys. Conventional wisdom dictates that if the bad guys can reverse engineer the patches before they roll down the Automatic Update chute, Windows as we know it will cease to exist... In September we had 116 patches on Black Tuesday. Twelve of them were subsequently yanked... mixing security with nonsecurity patches and pushing out more than a hundred at a time - that's just stupid. If Windows and Office are in such bad shape that we have to reboot twice a month, so be it..."
___

Office 2010 Starter Edition: File type associations missing after September 2013 Update
- http://blogs.technet...013-update.aspx
18 Sep 2013 - "... we have received reports of file type associations missing after installing KB2589275*. After installing this update, some users have reported they are unable to open files by double-clicking them, that the file type icons have changed, and that they must go to the application to open files... How to fix this issue: There are several options available to repair this issue. Each will restore Office products to a fully functional state. These are permanent fixes rather than having to revert to opening files inside the applications..."
* http://support.micro....com/kb/2589275
[Download has apparently been revoked.]
___

MS13-063 - KB 2859537 ...
- http://support.micro...b/2859537/en-us
Last Review: September 19, 2013 - Revision: 4.0 - "... Known issues with this security update:
While you are installing this security update, or after you install this security update on a computer that is running Windows 7 SP1 or Windows Server 2008 R2 SP1, you may experience either of the following issues: You may receive a STOP 0x6B error message when you restart a computer after you perform a specific System Restore operation...
Note: Not all STOP 0x6B errors are caused by the issues that are described in this article.
Some users may experience issues with certain programs after they install security update 2859537. In some cases the programs may not successfully start..."

MS13-063: Vulnerabilities in Windows kernel could allow elevation of privilege
- http://technet.micro...lletin/ms13-063
V1.2 (September 13, 2013): Corrected update replacement for all affected software excluding Windows XP and Windows 8. This is an informational change only.

:ph34r: :ph34r:

Edited by AplusWebMaster, 23 September 2013 - 01:28 PM.



#7 AplusWebMaster


Posted 26 September 2013 - 10:25 AM

FYI...

MS13-068 - KB2794707- and Office 2010 SP2 - 2687455
Not all the Office patches are ready to install; the Office 2010 SP2 release still has issues.
- https://windowssecre...office-updates/
Sep 25, 2013 - "Microsoft should soon push out Office 2010 SP2 to everyone getting Windows updates automatically. (Previously, those users might have seen KB 2687455 listed in Windows Update but unchecked for installation.) I’m still not ready to give the full thumbs-up to this major update. As noted in MS forums*, some Office 2010 users who installed SP2 continue to receive false error messages in their application event log when they start up Outlook. The good news: the error is cosmetic. There’s no actual error, but the Office event logs could become cluttered with messages such as “Calendar Folder property is missing.” An event log filled with false errors can make it difficult to find the records of other PC problems — they roll off the log sooner than normal and the event you’re looking for is gone. This problem can also occur after installing KB 2794707, a September security update for an Outlook vulnerability. We have several shared calendars in my office, and my event log is filled with the Event 27 “Calendar Folder property is missing” error. There’s currently no ETA on a fix for this issue. Because it’s considered cosmetic, it might be a low priority for Microsoft; however, I don’t find it reassuring to be told to ignore an error. Fortunately, the vulnerability patched by KB 2794707 is difficult to exploit, according to a Microsoft Security Research & Defense post**.
What to do: There’s probably no real harm in installing KBs 2687455 (Office 2010 SP2) and 2794707 (MS13-068). But it’s just as probable there’s no real harm in waiting until Microsoft provides a fix for these fixes. I recommend keeping both updates on -hold- for a while longer."
* http://social.techne...der-property-is

** http://blogs.technet...in-outlook.aspx

Office 2010 Service Pack 2
- http://support.micro....com/kb/2687455
Last Review: August 20, 2013 - Revision: 4.0

- http://support.micro....com/kb/2794707
Last Review: October 2, 2013 - Revision: 2.0
Applies to: Microsoft Outlook 2010

:ph34r: :ph34r:

Edited by AplusWebMaster, 09 October 2013 - 01:15 AM.
