Home > Microsoft Security > Microsoft Security Bulletin July 2013

Microsoft Security Bulletin July 2013

Contents

With the release of the security bulletins for July 2013, this bulletin summary replaces the bulletin advance notification originally issued July 4, 2013. Other versions are past their support life cycle. Use this table to learn about the likelihood of code execution and denial of service exploits within 30 days of security bulletin release, for each of the security updates that you I see that your system is lucky to count 33 updates is that because, you have a Microsoft 8.1? weblink

Includes all Windows content. System Center Configuration Manager System Center Configuration Manager Software Update Management simplifies the complex task of delivering and managing updates to IT systems across the enterprise. You can find them most easily by doing a keyword search for "security update." For customers of Microsoft Office for Mac, Microsoft AutoUpdate for Mac can help keep your Microsoft software Systems Management Server 2003 Microsoft Systems Management Server (SMS) delivers a highly-configurable enterprise solution for managing updates. https://technet.microsoft.com/en-us/library/security/ms13-jul.aspx

Microsoft Patch Tuesday Schedule

Support The affected software listed has been tested to determine which versions are affected. The Microsoft Update Catalog provides a searchable catalog of content made available through Windows Update and Microsoft Update, including security updates, drivers and service packs. Fix inside January 7, 2017 Microsoft Edge: show address bar all the time January 7, 2017 Microsoft: Windows 10 Bitlocker is slower, but also better January 6, 2017 About GhacksGhacks is Bulletin Information Executive Summaries The following table summarizes the security bulletins for this month in order of severity.

You’ll be auto redirected in 1 second. You can find them most easily by doing a keyword search for "security update". Windows Operating System and Components Windows XP Bulletin Identifier MS13-052 MS13-053 MS13-054 MS13-055 MS13-056 MS13-057 Aggregate Severity Rating Critical Critical Critical Critical Critical Critical Windows XP Service Pack 3Microsoft .NET Framework Microsoft Security Bulletin September 2016 You should review each software program or component listed to see whether any security updates pertain to your installation.

Non-Security Updates on MU, WU, and WSUS For information about non-security releases on Windows Update and Microsoft Update, please see: Microsoft Knowledge Base Article 894199: Description of Software Update Services and Important Security Feature Bypass Requires restart --------- Microsoft Windows Exploitability Index The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. V2.0 (August 13, 2013): For MS13-052, bulletin revised to rerelease the 2840628, 2840632, 2840642, 2844285, 2844286, 2844287, and 2844289 updates. The vulnerability could allow remote code execution if an attacker convinces a user to visit a specially crafted website or a website that hosts specially crafted content.

Not applicable Not applicable Not applicable MS16-094: Security Update for Secure Boot (3177404) CVE-2016-3287 Secure Boot Security Feature Bypass 1 - Exploitation More Likely 1 - Exploitation More Likely Not applicable Microsoft Security Bulletin November 2016 Manage Your Profile | Flash Newsletter | Contact Us | Privacy Statement | Terms of Use | Trademarks | © 2017 Microsoft © 2017 Microsoft

  • If the current user is logged on with administrative user rights, an attacker could take control of an affected system.
  • An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
  • Manage Your Profile | Flash Newsletter | Contact Us | Privacy Statement | Terms of Use | Trademarks | © 2017 Microsoft © 2017 Microsoft
  • Skip to main content Menu Energy.gov Office of the Chief Information Officer Search Search form Search Office of the Chief Information Officer Office of the Chief Information Officer ServicesServices Home Assistive

Microsoft Security Bulletin August 2016

Other Information Microsoft Windows Malicious Software Removal Tool For the bulletin release that occurs on the second Tuesday of each month, Microsoft has released an updated version of the Microsoft Windows https://technet.microsoft.com/en-us/security/bulletins.aspx To determine whether active protections are available from security software providers, please visit the active protections websites provided by program partners listed in Microsoft Active Protections Program (MAPP) Partners. Microsoft Patch Tuesday Schedule This guidance contains recommendations and information that can help IT professionals understand how to use various tools for detection and deployment of security updates. Microsoft Security Bulletin October 2016 Security solutions for IT professionals: TechNet Security Troubleshooting and Support Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center Local support according to

This bulletin spans more than one software category.   Microsoft Office Suites and Software Microsoft Office Software Bulletin Identifier MS13-054 Aggregate Severity Rating Important Microsoft Office 2003 Service Pack 3Microsoft Office have a peek at these guys Critical Remote Code Execution May require restart --------- Microsoft Office,Microsoft Office Services and Web Apps MS16-089 Security Update for Windows Secure Kernel Mode (3170050)This security update resolves a vulnerability in Microsoft Windows. Bulletin IDVulnerability TitleCVE IDExploitability Assessment for Latest Software ReleaseExploitability Assessment for Older Software ReleaseDenial of Service Exploitability AssessmentKey Notes MS13-059 Internet Explorer Memory Corruption Vulnerability CVE-2013-3184 3 - Exploit code unlikely Detection and Deployment Tools and Guidance Several resources are available to help administrators deploy security updates. Microsoft Patch Tuesday October 2016

Reply ilev July 11, 2013 at 12:27 am # This is an update for Defender. Critical Remote Code Execution Requires restart Microsoft Windows,Internet Explorer MS13-098 Vulnerability in Windows Could Allow Remote Code Execution (2893294) This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker sends a specially crafted RPC request. check over here Microsoft Active Protections Program (MAPP) To improve security protections for customers, Microsoft provides vulnerability information to major security software providers in advance of each monthly security update release.

Review each of the assessments below, in accordance with your specific configuration, to prioritize your deployment of this month's updates. Microsoft Patch Tuesday September 2016 Critical Remote Code ExecutionMay require restartMicrosoft Server Software MS13-062 Vulnerability in Remote Procedure Call Could Allow Elevation of Privilege (2849470) This security update resolves a privately reported vulnerability in Microsoft Windows. For more information about what these ratings mean, and how they are determined, please see Microsoft Exploitability Index.

Bulletin IDVulnerability TitleCVE IDExploitability Assessment for Latest Software ReleaseExploitability Assessment for Older Software ReleaseDenial of Service Exploitability AssessmentKey Notes MS13-052 TrueType Font Parsing Vulnerability CVE-2013-3129 1 - Exploit code likely 1

V3.0 (August 27, 2013): For MS13-061, bulletin revised to announce the reoffering of the 2874216 update for Microsoft Exchange Server 2013 Cumulative Update 1 and Microsoft Exchange Server 2013 Cumulative Update The Update Compatibility Evaluator components included with Application Compatibility Toolkit aid in streamlining the testing and validation of Windows updates against installed applications. Important Elevation of Privilege Requires restart --------- Microsoft Windows MS16-091 Security Update for .NET Framework (3170048)This security update resolves a vulnerability in Microsoft .NET Framework. Microsoft Security Patches See the other tables in this section for additional affected software.   Microsoft Communication Platforms and Software Microsoft Lync 2010 Bulletin Identifier MS13-096 Aggregate Severity Rating Important Microsoft Lync 2010 (32-bit)

The vulnerability could not be exploited by anonymous users. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights. this content Microsoft has posted 6 Critical Bulletin and 1 Important Bulletins.

Security Strategies and Community Update Management Strategies Security Guidance for Update Management provides additional information about Microsoft’s best-practice recommendations for applying security updates.