monthly security bulletin briefing
play

Monthly Security Bulletin Briefing (July 2013) Teresa Ghiorzoe - PowerPoint PPT Presentation

Apr 23, 2023 •124 likes •413 views

Monthly Security Bulletin Briefing (July 2013) Teresa Ghiorzoe Security Program Manager LATAM Blog de Seguridad: http://blogs.technet.com/b/seguridad/ Twitter: LATAMSRC GBS Security Worldwide Programs 1 Security Advisories July 2013 New

  1. Monthly Security Bulletin Briefing (July 2013) Teresa Ghiorzoe Security Program Manager LATAM Blog de Seguridad: http://blogs.technet.com/b/seguridad/ Twitter: LATAMSRC GBS Security Worldwide Programs 1

  2. Security Advisories July 2013 New Rerelease Agenda 0 1 Other Security Resources Detection and Deployment • Table Product Support Lifecycle New Security • Information Bulletins July 2013 Bulletin Release • Summary 7 TechNet Public Webcast • Details Appendix Critical Important Malicious Software Removal • Tool Updates Public Security Bulletin Links • 6 1 July 2013 Non-Security • Updates GBS Security Worldwide Programs

  3. Exploit July 2013 Bulletin Impact Component Severity Priority Public Index Security MS13-052 Remote Code Execution .NET Framework Critical 2 1 Yes Bulletins MS13-053 Remote Code Execution Kernel-Mode Drivers Critical 1 1 Yes MS13-054 Remote Code Execution GDI + Critical 2 1 No MS13-055 Remote Code Execution Internet Explorer Critical 1 1 No MS13-056 Remote Code Execution DirectShow Critical 2 1 No MS13-057 Remote Code Execution Media Format Runtime Critical 2 2 No Windows Defender MS13-058 Elevation of Privilege Important 3 1 No Exploitability Index: 1 - Exploit code likely | 2 - Exploit code difficult | 3 - Exploit code unlikely | NA - Not Affected | * - Not Rated GBS Security Worldwide Programs

  4. Severity : Critical MS13-052 Affected Software: .NET Framework 1.0 SP3 on Windows XP  Vulnerabilities in Media Center & Tablet PC only More Information .NET Framework .NET Framework 1.1 SP1 Deployment Update  and / or Priority Replacement .NET Framework 2.0 SP2  Known Issues and Silverlight .NET Framework 3.0 SP2  MS10- 060​ .NET Framework 3.5  MS11-078 Could Allow 2 .NET Framework 3.5 SP1 MS12-034  MS12-035 Yes 3 Remote Code .NET Framework 3.5.1  MS12-074 .NET Framework 4.0  MS13-004 Execution .NET Framework 4.5  MS13-022 - on all supported editions of Windows (2861561) Restart Uninstall Support Silverlight 5 on Windows (all editions)  Requirement Silverlight 5 Developer Runtime on Windows   Use Add or Remove Silverlight 5 on Mac Programs in Control   A restart may be Panel Silverlight 5 Developer Runtime on Mac  required Detection and Deployment 1. The MBSA does not support Windows 8, WU MU MBSA WSUS ITMU SCCM Windows Server 2012, or Windows RT 2. Windows RT devices can only be serviced with Windows and Microsoft Update 3. Windows RT devices require update 2808380 Yes Yes Yes 1 | 2 Yes 2 Yes 2 Yes 2 to be installed before WU will offer this security update GBS Security Worldwide Programs

  5. Vulnerability Details: MS13-052 Four (4) remote code execution vulnerabilities exist in the .NET Framework and Silverlight that could allow an attacker • Vulnerabilities in to take complete control of an affected system if a user can be convinced to view a website that contains a specially crafted Silverlight application or to run a specially crafted Windows .NET Framework application. .NET Framework Three (3) elevation of privilege vulnerabilities exist in the .NET Framework that could allow an attacker to take • complete control of an affected system if a user can be convinced to view a website and run a specially crafted XBAP (XAML browser application) or to run a Windows .NET Framework application . and Silverlight CVE Severity Impact XI Latest XI Legacy XI DoS Public Exploited Advisory Could Allow CVE-2013-3129 Critical Remote Code Execution 1 1 P No None None CVE-2013-3131 Critical Remote Code Execution 2 2 NA Yes None None Remote Code CVE-2013-3132 Important Elevation of Privilege 3 3 NA No None None CVE-2013-3133 Important Elevation of Privilege 3 3 NA No None None CVE-2013-3134 Critical Remote Code Execution 2 2 NA Yes None None Execution CVE-2013-3171 Important Elevation of Privilege 3 3 NA No None None CVE-2013-3178 Critical Remote Code Execution 1 1 NA No None None (2861561) Attack Vectors Mitigations Workarounds A specially crafted Web page Exploitation only gains the same user Disable Silverlight in IE, Firefox, or • • • rights as the logged on account Chrome for CVE-2013-3131 and A specially crafted XAML browser • CVE-2013-3178 application Users would have to be persuaded to • visit a malicious web site Disable partially trusted .NET apps • A specially crafted Windows .NET • for CVE-2013-3131 application Cannot be exploited automatically • through e-mail, because a user must Disable XAML browser apps in IE • A specially crafted Silverlight • open an attachment application Restrict websites to only your • By default, XBAP applications prompt trusted websites • A specially crafted TrueType font • the user before executing code file for CVE-2013-3129 There are no workarounds for • By default, IE runs in a restricted CVE-2013-3129, CVE-2013-3134, • mode for all Windows Servers and CVE-2013-3171 There are no mitigations for CVE- • 2013-3129, CVE-2013-3171 Exploitability Index: 1 - Exploit code likely | 2 - Exploit code difficult | 3 - Exploit code unlikely | NA - Not Affected | * - Not Rated DoS Rating: T = Temporary (DoS ends when an attack ceases) | P = Permanent (Administrative action required to recover) GBS Security Worldwide Programs

  6. Severity | Critical MS13-053 Affected Software: Windows XP (all editions)  Vulnerabilities in Windows Server 2003 (all editions)  Windows Windows Vista (all editions) More Information  Deployment Update and / or Windows Server 2008 (all editions)  Priority Replacement Known Issues Kernel-Mode Windows 7 (all editions)  Windows Server 2008 R2 (all editions) 1  Drivers Could MS13-036 Windows 8 (all editions) Yes 3  MS13-046 Allow Remote Windows Server 2012 (all editions)  Windows RT (all editions)  Code Execution Restart Uninstall Support Requirement  Use Add or Remove (2850851) Programs in Control  A restart is Panel required Detection and Deployment 1. The MBSA does not support Windows 8, Windows Server 2012, or Windows RT WU MU MBSA WSUS ITMU SCCM 2. Windows RT devices can only be serviced with Windows and Microsoft Update 3. Windows RT devices require update 2808380 Yes Yes Yes 1 | 2 Yes 2 Yes 2 Yes 2 to be installed before WU will offer this security update GBS Security Worldwide Programs

  7. Vulnerability Details: MS13-053 Two (2) remote code execution vulnerabilities exist in the way that the Windows kernel-mode drivers improperly • Vulnerabilities in handle objects in memory and specially crafted TrueType font files could allow an attacker to take complete control of an affected system if a user opens a specially crafted file. Windows Five (5) elevation of privilege vulnerabilities exist when the Windows kernel-mode drivers improperly handle objects in • memory that could allow an attacker to execute arbitrary code with elevated privileges. A denial of service vulnerability exists in the way that the Windows kernel-mode driver improperly handles objects in • Kernel-Mode memory that could allow an attacker to cause the target system to stop responding. Drivers Could CVE Severity Impact XI Latest XI Legacy XI DoS Public Exploited Advisory CVE-2013-1300 Important Elevation of Privilege 1 1 P No No None Allow Remote CVE-2013-1340 Important Elevation of Privilege 3 1 P No No None CVE-2013-1345 Important Elevation of Privilege 3 1 P No No None Code Execution CVE-2013-3129 Critical Remote Code Execution 1 1 P No No None CVE-2013-3167 Important Elevation of Privilege NA 1 P No No None CVE-2013-3172 Moderate Denial of Service * * P Yes No None (2850851) CVE-2013-3173 Important Elevation of Privilege 1 1 P No No None CVE-2013-3660 Critical Remote Code Execution 3 3 P Yes Yes None Attack Vectors Mitigations Workarounds A specially crafted application An attacker must have valid logon Microsoft has not identified any • • • credentials and be able to log on workarounds for any of these A specially crafted TrueType font • locally to exploit this vulnerability vulnerabilities except… file for CVE-2013-3129 For CVE-2013-3129 For CVE-2013-3129 Users would have to be persuaded to Disable the WebClient service • • visit a malicious web site Block TCP ports 139 and 445 at • Cannot be exploited automatically the firewall • through e-mail, because a user must Disable the Preview Pane and • open an attachment Details Pane in Windows Explorer By default, all Microsoft e-mail clients • open HTML e-mail messages in the Restricted Sites zone Exploitability Index: 1 - Exploit code likely | 2 - Exploit code difficult | 3 - Exploit code unlikely | NA - Not Affected | * - Not Rated DoS Rating: T = Temporary (DoS ends when an attack ceases) | P = Permanent (Administrative action required to recover) GBS Security Worldwide Programs

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

The HIS Bulletin (Health Informatics Service) What? A monthly digest bulletin, synthesising

The HIS Bulletin (Health Informatics Service) What? A monthly digest bulletin, synthesising

The HIS Bulletin (Health Informatics Service) What? A monthly digest bulletin, synthesising top news, reports, guidelines etc. Produced by the Library and Knowledge Service for Health Informatics Service Staff. Why? LKS usage

461 views • 13 slides
MACRA, MIPS, APMs & CPC+: What to Expect from All These Acronyms?! Monthly National Briefing

MACRA, MIPS, APMs & CPC+: What to Expect from All These Acronyms?! Monthly National Briefing

MACRA, MIPS, APMs & CPC+: What to Expect from All These Acronyms?! Monthly National Briefing April 26, 2016 1 Shari Erickson, MPH Vice President, Governmental Affairs & Medical Practice American College of Physicians 2 Laura

719 views • 20 slides
PCMH Resource Center (and Beyond!) Janice Genevro, PhD, MSW PCPCC Monthly Briefing May 21, 2015

PCMH Resource Center (and Beyond!) Janice Genevro, PhD, MSW PCPCC Monthly Briefing May 21, 2015

An Exploration of AHRQs PCMH Resource Center (and Beyond!) Janice Genevro, PhD, MSW PCPCC Monthly Briefing May 21, 2015 Session Overview Acknowledgements Quick primer on the Agency for Healthcare Research and Quality (AHRQ)

867 views • 34 slides
IMPLEMENTATION OF SECURITY COUNCIL RESOLUTION 2231 (2015) Ope Open Briefing n Briefing

IMPLEMENTATION OF SECURITY COUNCIL RESOLUTION 2231 (2015) Ope Open Briefing n Briefing

IMPLEMENTATION OF SECURITY COUNCIL RESOLUTION 2231 (2015) Ope Open Briefing n Briefing Security Council Facilitator New York, 1 March 2016 1 INTRODUCTION What has What are the changed since main provisions Implementation of Res. 2231?

416 views • 16 slides
PRESENTATION BULLETIN FOR BUSINESS ZONE IZOLA EAST The Bulletin is intended for small and

PRESENTATION BULLETIN FOR BUSINESS ZONE IZOLA EAST The Bulletin is intended for small and

PRESENTATION BULLETIN FOR BUSINESS ZONE IZOLA EAST The Bulletin is intended for small and medium-sized enterprises engaged in production or service activities with higher added value not based exclusively on commercial activities, and looking

610 views • 3 slides
Consumer Finance Monthly Breakfast Briefing Criminal Enforcement in Consumer Credit and Consumer

Consumer Finance Monthly Breakfast Briefing Criminal Enforcement in Consumer Credit and Consumer

Consumer Finance Monthly Breakfast Briefing Criminal Enforcement in Consumer Credit and Consumer Loan Securitization Markets Daniel L. Stein Partner +1 212 506 2646 dstein@mayerbrown.com Criminal Enforcement in Consumer Credit Markets

560 views • 7 slides
Migration Policy Development Board 30/5/2019 Social Security Scheme - Briefing Social Security

Migration Policy Development Board 30/5/2019 Social Security Scheme - Briefing Social Security

Migration Policy Development Board 30/5/2019 Social Security Scheme - Briefing Social Security scheme overview Contributions States grant Social Security Fund Other contributory Pensions benefits 2 Social Security scheme

165 views • 14 slides
PUBLIC POLICY BULLETIN PUBLIC POLICY BULLETIN December 22, 2008 OHIO'S 127TH GENERAL ASSEMBLY

PUBLIC POLICY BULLETIN PUBLIC POLICY BULLETIN December 22, 2008 OHIO'S 127TH GENERAL ASSEMBLY

Principled Strategic Innovative PUBLIC POLICY BULLETIN PUBLIC POLICY BULLETIN December 22, 2008 OHIO'S 127TH GENERAL ASSEMBLY WRAPS-UP BUSY LAME DUCK SESSION The final days of the lame duck session interns in SB 203; SB 320 toughens 450,

83 views • 5 slides
Security Cooperation Reform briefing to the American Society of Military Comptrollers VADM

Security Cooperation Reform briefing to the American Society of Military Comptrollers VADM

Security Cooperation Reform briefing to the American Society of Military Comptrollers VADM Joseph Rixey Director, Defense Security Cooperation Agency March 9, 2017 Solutions for Americas Global Partners 1 Who We Are DSCAs Mission :

502 views • 12 slides
Physical Security Briefing for Senate IT November 25, 2019 Presented by: Joe Souza, Director

Physical Security Briefing for Senate IT November 25, 2019 Presented by: Joe Souza, Director

Physical Security Briefing for Senate IT November 25, 2019 Presented by: Joe Souza, Director UF Physical Security Established in December 2018 as a result of consultant report which identified areas for improvement Transferred Team

792 views • 10 slides
Lab 1 Introduction Bulletin Board System Architecture and Protocols How does

Lab 1 Introduction Bulletin Board System Architecture and Protocols How does

Schedule The Ensemble system Lab 1 Introduction Bulletin Board System Architecture and Protocols How does Ensemble achieve the group communication properties ? The Bulletin Board System Andreas Larsson 2009-01-26 Lab 1

264 views • 5 slides
Institution-Wide Safety and Security Structure and Process Briefing Charlie Maimone, Vice

Institution-Wide Safety and Security Structure and Process Briefing Charlie Maimone, Vice

ARMC-2.1 Institution-Wide Safety and Security Structure and Process Briefing Charlie Maimone, Vice Chancellor for Business Affairs November 21, 2016 Major Offices Involved in Campus Safety and Security EH&S - Risk/Compliance,

423 views • 21 slides
IN THIS WEEK'S ISSUE: FCC LAUNCHES FCC LAUNCHES HOMELAND SECURITY BUREAU HOMELAND SECURITY By

IN THIS WEEK'S ISSUE: FCC LAUNCHES FCC LAUNCHES HOMELAND SECURITY BUREAU HOMELAND SECURITY By

October 5, 2006 Bulletin #111 IN THIS WEEK'S ISSUE: FCC LAUNCHES FCC LAUNCHES HOMELAND SECURITY BUREAU HOMELAND SECURITY By Ben Young BUREAU THE FCC MEDIA CIRCUS IS UNDERWAY The Federal Communications Commission ("FCC") has

419 views • 4 slides
Important Visa Bulletin and I-485 Changes Tuesday, September 22, 2015 Beth Carlson Sarah

Important Visa Bulletin and I-485 Changes Tuesday, September 22, 2015 Beth Carlson Sarah

Important Visa Bulletin and I-485 Changes Tuesday, September 22, 2015 Beth Carlson Sarah Kilibarda Sari Long Agenda Introduction Important Visa Bulletin & I-485 Filing Changes Updates on the F-1 OPT STEM Rule New Guidance

514 views • 20 slides
Welcome to NEOnets Cyber Security Executive Briefing If you havent yet been hacked, you

Welcome to NEOnets Cyber Security Executive Briefing If you havent yet been hacked, you

Welcome to NEOnets Cyber Security Executive Briefing If you havent yet been hacked, you will be. In fact, you already may have been hacked, but dont know it yet. Stu Davis, Chief Information Officer, Ohio Department of

600 views • 45 slides
FINANCIAL STATEMENT BULLETIN Klaus Andersen, CEO Martti Nurminen, CFO Q4/2019 February 4,

FINANCIAL STATEMENT BULLETIN Klaus Andersen, CEO Martti Nurminen, CFO Q4/2019 February 4,

FINANCIAL STATEMENT BULLETIN Klaus Andersen, CEO Martti Nurminen, CFO Q4/2019 February 4, 2020 Financial Statement Bulletin IMPORTANT NOTICE The following information contains, or may be deemed to contain, forward-looking statements. These

679 views • 19 slides
DC GIS Steering Committee November 2014 10:00 AM 12:00 PM 200 I Street SE, 5 th Floor

DC GIS Steering Committee November 2014 10:00 AM 12:00 PM 200 I Street SE, 5 th Floor

DC GIS Steering Committee November 2014 10:00 AM 12:00 PM 200 I Street SE, 5 th Floor Washington, DC 20003 Conference Room: 5009 Agenda Introductions and Establish Quorum Approve Minutes 8/21/2014 DC GIS News OCTO GIS News

1.1k views • 93 slides
Software Systems by Incorporating Security Knowledge Stefan Grtner and Kurt Schneider Software

Software Systems by Incorporating Security Knowledge Stefan Grtner and Kurt Schneider Software

Maintaining Requirements for Long-Living Software Systems by Incorporating Security Knowledge Stefan Grtner and Kurt Schneider Software Engineering Group, Leibniz Universitt Hannover, Germany Thomas Ruhroth, Jens Brger, and Jan Jrjens

480 views • 24 slides
The Future of E-Commerce is More Web-like Ian Jacobs W3C I. What the Web Means for Commerce

The Future of E-Commerce is More Web-like Ian Jacobs W3C I. What the Web Means for Commerce

The Future of E-Commerce is More Web-like Ian Jacobs W3C I. What the Web Means for Commerce Source: merchandisingmatters.com New Zealand E-Commerce Source: Nielsen New Zealand E-Commerce Report 2016 E-Commerce Rising Proportion of Retail

861 views • 45 slides
Solr Presented by Jacob Pitassi 07.28.12 Monday, July 30, 12 Hello Jacob Pitassi Director of

Solr Presented by Jacob Pitassi 07.28.12 Monday, July 30, 12 Hello Jacob Pitassi Director of

Solr Presented by Jacob Pitassi 07.28.12 Monday, July 30, 12 Hello Jacob Pitassi Director of Engineering jpitassi@stauffer.com stauffer.com Monday, July 30, 12 What are you talking about Monday, July 30, 12 Parts of this presentation

624 views • 26 slides
Segurana em APIs REST Heitor Vital reas de Atuao o Cloud Computing

Segurana em APIs REST Heitor Vital reas de Atuao o Cloud Computing

Segurana em APIs REST Heitor Vital reas de Atuao o Cloud Computing twitter.com/heitorvital o Segurana Informao o Jogos slideshare.net/HeitorVital o Dispositivos Mveis o labs.siteblindado.com

412 views • 22 slides
Ramy Ahmed Fathy, PhD Vice Chairman of ITU-T SG20 Director, Digital Services Planning and Risk

Ramy Ahmed Fathy, PhD Vice Chairman of ITU-T SG20 Director, Digital Services Planning and Risk

ITU Workshop Smart Sustainable Cities (Samarqand - Uzbekistan 1- 2 June 2017) Trustworthy ICT: The notion of Trust, Security, and Privacy Ramy Ahmed Fathy, PhD Vice Chairman of ITU-T SG20 Director, Digital Services Planning and Risk Assessment

758 views • 52 slides
An Empirical Study of PHP Feature Usage: A Static Analysis Perspective Mark Hills, Paul Klint,

An Empirical Study of PHP Feature Usage: A Static Analysis Perspective Mark Hills, Paul Klint,

An Empirical Study of PHP Feature Usage: A Static Analysis Perspective Mark Hills, Paul Klint, and Jurgen J. Vinju CWI, Software Analysis and Transformation (SWAT) ISSTA 2013 Lugano, Switzerland July 16-18, 2013 http://www.rascal-mpl.org

857 views • 46 slides
Securing Digital Fintech Platform Value Proposition and Security Challenges Agus F. Abdillah

Securing Digital Fintech Platform Value Proposition and Security Challenges Agus F. Abdillah

Securing Digital Fintech Platform Value Proposition and Security Challenges Agus F. Abdillah Jakarta - 28 th Nov, 2018 1 Securing Fintech 1 Introduction 2 What Being Platform Means? AGENDA What is Value Proposition for Digital 3

353 views • 18 slides

More recommend