Tech Talk

[Microsoft Security Bulletin MS13-047 - Critical]

FYI...

- https://technet.microsoft.com/en-us/security/bulletin/ms13-jun
June 11, 2013 - "This bulletin summary lists security bulletins released for June 2013...
(Total of -5-)

Microsoft Security Bulletin MS13-047 - Critical
Cumulative Security Update for Internet Explorer (2838727)
- https://technet.microsoft.com/en-us/security/bulletin/ms13-047
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

Microsoft Security Bulletin MS13-048 - Important
Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229)
- https://technet.microsoft.com/en-us/security/bulletin/ms13-048
Important - Information Disclosure - Requires restart - Microsoft Windows
- https://support.microsoft.com/kb/2839229
Last Review: June 15, 2013 - Revision: 4.1 - "... MS13-048... Known issues with this security update:
Customers who use non-updated versions of certain Kingsoft software products may experience issues installing this security update. In some cases, systems may not successfully restart after security update 2839229 is applied, and customers may encounter a blue or blank screen. We are aware that Kingsoft antivirus and browser product components (kisknl.sys, knbdrv.sys, and dgsafe.sys) may be affected. We recommend that customers update their Kingsoft software to the latest versions -before- security update 2839229 is applied..."

Microsoft Security Bulletin MS13-049 - Important
Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (2845690)
- https://technet.microsoft.com/en-us/security/bulletin/ms13-049
Important - Denial of Service - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS13-050 - Important
Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege
- https://technet.microsoft.com/en-us/security/bulletin/ms13-050
Important - Elevation of privilege - Requires restart - Microsoft Windows

Microsoft Security Bulletin MS13-051 - Important
Vulnerability in Microsoft Office Could Allow Remote Code Execution (2839571)
- https://technet.microsoft.com/en-us/security/bulletin/ms13-051
Important - Remote Code Execution - May require restart - Microsoft Office
___

- http://blogs.technet.com/b/srd/archive/2013/06/11/ms13-051-get-out-of-my-office.aspx?Redirected=true
11 Jun 2013 - "MS13-051... We have seen this vulnerability exploited in targeted 0day attacks in the wild..."

- https://krebsonsecurity.com/2013/06/adobe-microsoft-patch-flash-windows/
11 Jun 2013 - "... five updates address 23 vulnerabilities in Windows, Internet Explorer, and Office..."

- http://blogs.technet.com/b/msrc/archive/2013/06/11/improved-cryptography-and-the-june-2013-bulletins.aspx?Redirected=true

Bulletin Deployment Priority
- https://blogs.technet.com/cfs-filesystemfile.ashx/__key/communityserver-blogs-components-weblogfiles/00-00-00-45-71/8080.June-2013-DP-Slide.PNG

Severity and Exploitability Index
- https://blogs.technet.com/cfs-filesystemfile.ashx/__key/communityserver-blogs-components-weblogfiles/00-00-00-45-71/1512.June-2013-XI-and-Severity.PNG
___

- https://secunia.com/advisories/53728/ - MS13-047
- https://secunia.com/advisories/53739/ - MS13-048
- https://secunia.com/advisories/53741/ - MS13-049
- https://secunia.com/advisories/53742/ - MS13-050
- https://secunia.com/advisories/53747/ - MS13-051
___

ISC Analysis
- https://isc.sans.edu/diary.html?storyid=15977
Last Updated: 2013-06-11 17:10:35 UTC
___

MSRT
- https://support.microsoft.com/?kbid=890830
June 11, 2013 - Revision: 123.0

- http://www.microsoft.com/security/pc-security/malware-families.aspx
"... added in this release...
• Tupym..."

Download:
- https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx
Windows-KB890830-V5.1.exe - 19.1 MB
... Change systems:    
Windows Malicious Software Removal Tool x64:
Windows-KB890830-x64-V5.1.exe - 19.9 MB

.