Tuesday, December 10, 2013

Microsoft Security Updates for December 2013


Microsoft released eleven (11) bulletins.  Five of the bulletins are identified as Critical with the remaining six bulletins rated Important.

The security updates address twenty-four (24) unique CVEs in Microsoft Windows, Internet Explorer, Office and Exchange.

Critical:
  • MS13-096 -- Vulnerability in Microsoft Graphics Component Could allow Remote Code Execution (2908005) 
  • MS13-097 -- Cumulative Security Update for Internet Explorer (2898785) 
  • MS13-098 -- Vulnerability in Windows Could Allow Remote Code Execution (2893294)
  • MS13-099 -- Vulnerability in Microsoft Scripting Runtime Object Library Could Allow Remote Code Execution (2909158)
  • MS13-105 -- Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2915705)
     
Important: 
  • MS13-100 -- Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2904244)
  • MS13-101 -- Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2880430) 
  • MS13-102 -- Vulnerability in LRPC Client Could Allow Elevation of Privilege (2898715) 
  • MS13-103 -- Vulnerability in ASP.NET SignalR Could Allow Elevation of Privilege (2905244)
  • MS13-104 -- Vulnerability in Microsoft Office Could Allow Information Disclosure (2909976)
  • MS13-106 -- Vulnerability in a Microsoft Office Shared Component Could Allow Security Feature Bypass
    (2905238) 

December Security Advisories

MSRT

Microsoft released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

Support

Users of Windows XP are reminded that support ends for Windows XP on April 8, 2014.  See Tim Rains article, The Countdown Begins: Support for Windows XP Ends on April 8, 2014.


The following additional information is provided in the Security Bulletin:

References




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


No comments: