Overview of security patches from Microsoft for April 2013

Posted: April 10, 2013 in Vulnerability News
Microsoft Security Bulletin

Microsoft Security Bulletin Summary for April 2013

In March 2013, Microsoft released seven security bulletins that fixed 20 vulnerabilities.

In April 2013, Microsoft released nine security bulletins that fixed three high-risk vulnerabilities and 11 low-risk vulnerabilities.

Bulletin: 13-028

CVE ID: CVE-2013-1303
CVE-2013-1304
Vulnerable component: Microsoft Internet Explorer
Exploit: No
Severity Rating: Critical

Vulnerability Description: Multiple vulnerabilities in Microsoft Internet Explorer

The vulnerability allows a remote user to execute arbitrary code on the target system.

1. A use-after-free error. This can be exploited to corrupt memory and execute arbitrary code on the target system.

2. A use-after-free error. This can be exploited to corrupt memory and execute arbitrary code on the target system.

Bulletin: 13-029

CVE ID: CVE-2013-1296
Vulnerable component: Microsoft Windows
Exploit: No
Severity Rating: Critical

Vulnerability Description: Arbitrary code execution in the RDP client in Microsoft Windows

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability is caused by unsafe use of a method in the Remote Desktop ActiveX component in mstscax.dll. This can be exploited via a specially crafted website to execute arbitrary code on the target system.

Bulletin: 13-030

CVE ID: CVE-2013-1290
Vulnerable component: Microsoft SharePoint Server
Exploit: No
Severity Rating: Important

Vulnerability Description: Disclosure of sensitive data in Microsoft SharePoint Server

The vulnerability allows a remote user to gain access to sensitive data on the system.

The vulnerability is caused by the application providing access to the SharePoint list by default. A remote user can gain access to sensitive data.

Successful exploitation requires the attacker to pass authentication on the SharePoint site and to know the address or location of the SharePoint list.

Bulletin: 13-031

CVE ID: CVE-2013-1284
CVE-2013-129
Vulnerable component: Microsoft Windows
Exploit: No
Severity Rating: Important

Vulnerability Description: Privilege escalation in Microsoft Windows 8/2012

The vulnerability allows a local user to gain escalated privileges.

The vulnerability is caused by an error in handling the state of operations on objects in memory. A local user can gain escalated privileges on the system.

Bulletin: 13-032

CVE ID: CVE-2013-1282
Vulnerable component: Microsoft Windows
Exploit: No
Severity Rating: Important

Vulnerability Description: Denial of service in Active Directory in Microsoft Windows

The vulnerability allows a remote user to cause a denial of service.

The vulnerability is caused by an error when processing LDAP requests. This can be exploited to crash the system.

Bulletin: 13-033

CVE ID: CVE-2013-1295
Vulnerable component: Microsoft Windows
Exploit: No
Severity Rating: Important

Vulnerability Description: Privilege escalation in the CSRSS subsystem in Microsoft Windows

The vulnerability allows a local user to gain escalated privileges.

The vulnerability is caused by an unspecified error in Windows CSRSS. A local user can gain escalated privileges on the system.

Bulletin: 13-034

CVE ID: CVE-2013-0078
Vulnerable component: Microsoft Windows
Exploit: No
Severity Rating: Important

Vulnerability Description: Privilege escalation in Windows Defender

The vulnerability allows a local user to gain escalated privileges.

The vulnerability is caused by an error when processing file names in Microsoft Antimalware Client. A local user can exploit this to gain escalated privileges.

Bulletin: 13-035

CVE ID: CVE-2013-1289
Vulnerable component: Microsoft Windows

Affected products:

– Microsoft InfoPath 2010
– Microsoft Office SharePoint Server 2010
– Microsoft Groove Server 2010
– Microsoft SharePoint Foundation 2010
– Microsoft Office Web Apps 2010

Exploit: Yes
Severity Rating: Important

Vulnerability Description: Cross-site scripting in the HTML filtering component in Microsoft products

The vulnerability allows malicious people to conduct XSS attacks.

The vulnerability is caused by an error in the HTML filtering component when processing strings. This can be exploited to execute arbitrary HTML and script code on the vulnerable system in the context of the user.

Note: The vulnerability is currently being actively exploited.

Bulletin: 13-036

CVE ID: CVE-2013-1283
CVE-2013-1291
CVE-2013-1292
CVE-2013-1293
Vulnerable component: Microsoft Windows
Exploit: No
Severity Rating: Important

Description:

– Vulnerability in the processing of OpenType fonts in Microsoft Windows
– A null pointer dereference in the NTFS driver in Microsoft Windows
– Privilege escalation in Microsoft Windows

1. The vulnerability allows a remote user to cause a denial of service.

The vulnerability is caused by an unspecified error in the processing of OpenType fonts. This can be exploited via a specially crafted font file to crash the system.

Note: The vulnerability only applies to 32-bit systems.

2. The vulnerability allows a local user to gain escalated privileges.

The vulnerability is caused by a null pointer dereference error in the NTFS driver. A local user can gain escalated privileges on the system.

3. The vulnerability could allow a local user to execute arbitrary code on the target system.

The vulnerability is caused by an error in handling the state of operations on objects in memory. A local user can escalate privileges on the system.

4. The vulnerability could allow a local user to execute arbitrary code on the target system.

The vulnerability is caused by an error in handling the state of operations on objects in memory. A local user can escalate privileges on the system.

Note that the vulnerability CVE-2013-1289 is being actively exploited at present.

Malwarelist.net encourages its readers to install security patches as soon as possible.

Link: http://technet.microsoft.com/en-us/security/bulletin/ms13-apr
