Qualys Vulnerability R&D Lab has released new vulnerability checks in the Enterprise TruRisk Platform to protect organizations against 57 vulnerabilities that were fixed in 12 bulletins announced today by Microsoft. Customers can immediately audit their networks for these and other new vulnerabilities by accessing their Qualys subscription. Visit Qualys Security Blog to prioritize remediation.
Non-Qualys customers can audit their network for these and other vulnerabilities by signing up for a Qualys Free Trial, or by trying Qualys Community Edition.
Microsoft has released 12 security bulletins to fix newly discovered flaws in their software. Qualys has released the following checks for these new vulnerabilities:
Microsoft Internet Explorer is prone to a remote code execution vulnerability caused by the way Internet Explorer accesses an object in memory that has been deleted. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Microsoft has released a security update that addresses the vulnerability by modifying the way that Internet Explorer handles objects in memory.
This security update is rated Critical for Internet Explorer 6, 7, 8, 9, and 10 on Windows clients and Moderate for Internet Explorer 6, 7, 8, 9, and 10 on Windows servers.
Windows Embedded Systems: For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
February 2013 Security Updates Are on MyOEM and ECE for XPe SP3 and Standard 2009 (KB2792100)
Following are links for downloading patches to fix the vulnerabilities:
Windows XP Service Pack 3 (Internet Explorer 6)
Windows XP Professional x64 Edition Service Pack 2 (Internet Explorer 6)
Windows Server 2003 Service Pack 2 (Internet Explorer 6)
Windows Server 2003 x64 Edition Service Pack 2 (Internet Explorer 6)
Windows Server 2003 with SP2 for Itanium-based Systems (Internet Explorer 6)
Windows XP Service Pack 3 (Internet Explorer 7)
Windows XP Professional x64 Edition Service Pack 2 (Internet Explorer 7)
Windows Server 2003 Service Pack 2 (Internet Explorer 7)
Windows Server 2003 x64 Edition Service Pack 2 (Internet Explorer 7)
Windows Server 2003 with SP2 for Itanium-based Systems (Internet Explorer 7)
Windows Vista Service Pack 2 (Internet Explorer 7)
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS13-009.
Workaround:
1. Set Internet and Local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones
2. Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone
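The two workaround steps above both come down to the per-zone URL-action values that Internet Explorer keeps in the registry. The following PowerShell script is an added example, not code from the Qualys advisory or from Microsoft's bulletin; it reports whether those values are in a state that satisfies the workaround for the Internet and Local intranet zones. It reads zone 1 (Local intranet) and zone 3 (Internet), action 1200 ("Run ActiveX controls and plug-ins") and action 1400 ("Active scripting"), where 0 means Enable, 1 means Prompt and 3 means Disable. It checks both HKCU and HKLM, since the HKLM copy is the one that applies when the Security_HKLM_only policy is set.

```powershell
# Added example, not from the Qualys advisory: report whether the MS13-009
# workaround (block or prompt for ActiveX and Active Scripting in the Internet
# and Local intranet zones) is in effect on this machine.
#
# Internet Explorer stores per-zone URL actions under
#   Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\<zone>
# Zone 1 = Local intranet, zone 3 = Internet.
# Action 1200 = "Run ActiveX controls and plug-ins", 1400 = "Active scripting".
# Value 0 = Enable, 1 = Prompt, 3 = Disable.

$zones   = @{ '1' = 'Local intranet'; '3' = 'Internet' }
$actions = @{ '1200' = 'Run ActiveX controls and plug-ins'; '1400' = 'Active scripting' }
$meaning = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

function Get-ZoneActionState {
    # HKLM values take precedence when the Security_HKLM_only policy is set.
    param([string[]]$Hives = @('HKCU', 'HKLM'))

    foreach ($hive in $Hives) {
        foreach ($zoneId in $zones.Keys) {
            $path = "${hive}:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\$zoneId"
            $key  = Get-Item -LiteralPath $path -ErrorAction SilentlyContinue
            if (-not $key) { continue }

            foreach ($actionId in $actions.Keys) {
                $raw = $key.GetValue($actionId)    # $null when the value is absent
                $label = if ($null -eq $raw) {
                    'not set (zone default)'
                } elseif ($meaning.ContainsKey([int]$raw)) {
                    $meaning[[int]$raw]
                } else {
                    "unknown ($raw)"
                }

                [pscustomobject]@{
                    Hive      = $hive
                    Zone      = $zones[$zoneId]
                    Action    = $actions[$actionId]
                    Setting   = $label
                    # Prompt or Disable both satisfy the workaround; Enable or unset does not.
                    Mitigated = ($raw -eq 1 -or $raw -eq 3)
                }
            }
        }
    }
}

$state = Get-ZoneActionState
$state | Sort-Object Hive, Zone, Action | Format-Table -AutoSize

# Summary for the current user's settings.
$user = @($state | Where-Object { $_.Hive -eq 'HKCU' })
$gaps = @($user | Where-Object { -not $_.Mitigated })
if ($user.Count -gt 0 -and $gaps.Count -eq 0) {
    'MS13-009 workaround is in effect for the current user.'
} else {
    "MS13-009 workaround is NOT fully in effect: $($gaps.Count) action(s) still set to Enable or unset."
}
```

Run it in the context of the user whose browser settings you want to verify; a value that is "not set" falls back to the zone's built-in default, which for the Internet zone at the Medium level is Enable for both actions, so an absent value is reported as not mitigated.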
Windows XP Service Pack 3 (Internet Explorer 6)
Windows XP Professional x64 Edition Service Pack 2 (Internet Explorer 6)
Windows Server 2003 Service Pack 2 (Internet Explorer 6)
Windows Server 2003 x64 Edition Service Pack 2 (Internet Explorer 6)
Windows Server 2003 with SP2 for Itanium-based Systems (Internet Explorer 6)
Windows XP Service Pack 3 (Internet Explorer 7)
Windows XP Professional x64 Edition Service Pack 2 (Internet Explorer 7)
Windows Server 2003 Service Pack 2 (Internet Explorer 7)
Windows Server 2003 x64 Edition Service Pack 2 (Internet Explorer 7)
Windows Server 2003 with SP2 for Itanium-based Systems (Internet Explorer 7)
Windows Vista Service Pack 2 (Internet Explorer 7)
Windows Vista x64 Edition Service Pack 2 (Internet Explorer 7)
Windows Server 2008 for 32-bit Systems Service Pack 2 (Internet Explorer 7)
Windows Server 2008 for x64-based Systems Service Pack 2 (Internet Explorer 7)
Windows Server 2008 for Itanium-based Systems Service Pack 2 (Internet Explorer 7)
Windows XP Service Pack 3 (Internet Explorer 8)
Windows XP Professional x64 Edition Service Pack 2 (Internet Explorer 8)
Windows Server 2003 Service Pack 2 (Internet Explorer 8)
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS13-010.
A vulnerability exists when Microsoft DirectShow fails to handle specially crafted media content.
Microsoft has released a security update that addresses the vulnerability by correcting the way DirectShow handles specially crafted media content.
This security update is rated Critical for all supported editions of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.
Windows Embedded Systems: For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
February 2013 Security Updates Are on MyOEM and ECE for XPe SP3 and Standard 2009 (KB2780091)
Windows XP Service Pack 3 (Quartz.dll (DirectShow))
Windows XP Professional x64 Edition Service Pack 2 (Quartz.dll (DirectShow))
Windows Server 2003 Service Pack 2 (Quartz.dll (DirectShow))
Windows Server 2003 x64 Edition Service Pack 2 (Quartz.dll (DirectShow))
Windows Server 2003 with SP2 for Itanium-based Systems (Quartz.dll (DirectShow))
Windows Vista Service Pack 2 (Quartz.dll (DirectShow))
Windows Vista x64 Edition Service Pack 2 (Quartz.dll (DirectShow))
Windows Server 2008 for 32-bit Systems Service Pack 2 (Quartz.dll (DirectShow))
Windows Server 2008 for x64-based Systems Service Pack 2 (Quartz.dll (DirectShow))
Windows Server 2008 for Itanium-based Systems Service Pack 2 (Quartz.dll (DirectShow))
Refer to Microsoft Security Bulletin MS13-011 for further details.
Workaround:
1) Modify the Access Control List (ACL) on quartz.dll
Impact of workaround #1: Windows Media Player will not be able to play .avi or .wav files.
2) Unregister quartz.dll
Impact of workaround #2: Windows Media Player will not be able to play .avi or .wav files.
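Either DirectShow workaround leaves a verifiable trace on the machine: unregistering quartz.dll removes the CLSID entries whose InprocServer32 default points at it, and tightening the ACL leaves an explicit Deny entry on the file. The following PowerShell script is an added example, not code from the Qualys advisory or from Microsoft's bulletin; it reports the file version of quartz.dll, how many CLSIDs under HKCR\CLSID still name it as an in-process server, and whether its ACL carries a Deny entry. The assumption that the ACL workaround shows up as a Deny entry is mine; confirm it against the exact ACL change the bulletin describes.

```powershell
# Added example, not from the Qualys advisory or Microsoft: report the state of
# the MS13-011 workarounds (quartz.dll ACL tightened or quartz.dll unregistered).
function Get-QuartzWorkaroundState {
    $dll = Join-Path $env:windir 'system32\quartz.dll'
    if (-not (Test-Path -LiteralPath $dll)) {
        return [pscustomobject]@{ Present = $false; Path = $dll }
    }

    $version = (Get-Item -LiteralPath $dll).VersionInfo.FileVersion

    # Workaround #1 check: any explicit Deny entry on the file (assumed to be the
    # result of the ACL change; verify against the bulletin's exact instructions).
    $acl  = Get-Acl -LiteralPath $dll
    $deny = @($acl.Access | Where-Object { $_.AccessControlType -eq 'Deny' })

    # Workaround #2 check: walk HKCR\CLSID and collect every CLSID whose
    # InprocServer32 default value points at quartz.dll. Zero hits means the
    # DLL has been unregistered.
    if (-not (Get-PSDrive -Name HKCR -ErrorAction SilentlyContinue)) {
        New-PSDrive -Name HKCR -PSProvider Registry -Root HKEY_CLASSES_ROOT | Out-Null
    }
    $registered = @(Get-ChildItem -Path 'HKCR:\CLSID' -ErrorAction SilentlyContinue | ForEach-Object {
        $srvPath = "HKCR:\CLSID\$($_.PSChildName)\InprocServer32"
        $srv = Get-ItemProperty -Path $srvPath -Name '(default)' -ErrorAction SilentlyContinue
        if ($srv -and ($srv.'(default)' -match 'quartz\.dll$')) { $_.PSChildName }
    })

    [pscustomobject]@{
        Present              = $true
        Path                 = $dll
        FileVersion          = $version
        RegisteredClsidCount = $registered.Count
        DenyAcesPresent      = ($deny.Count -gt 0)
        DenyAceIdentities    = ($deny | ForEach-Object { $_.IdentityReference.Value }) -join ', '
        # True when either workaround appears to be in place.
        WorkaroundApplied    = ($registered.Count -eq 0) -or ($deny.Count -gt 0)
    }
}

Get-QuartzWorkaroundState | Format-List
```

Enumerating HKCR\CLSID takes a few seconds on a typical system. On an unmodified machine you should see a non-zero RegisteredClsidCount and no Deny entries; after applying the patch from MS13-011 the workarounds should be reversed, and this script will then show the DLL registered again with a normal ACL.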
This security update resolves publicly disclosed vulnerabilities and one privately reported vulnerability in Microsoft Exchange Server. The most severe vulnerabilities are in Microsoft Exchange Server WebReady Document Viewing and could allow remote code execution in the security context of the transcoding service on the Exchange server if a user previews a specially crafted file using Outlook Web App (OWA).
Two vulnerabilities exist in Microsoft Exchange Server through the WebReady Document Viewing feature. The WebReady service parses files using the Oracle Outside In libraries in order to provide a preview of the document in the browser. The vulnerabilities are caused when WebReady Document Viewer is used to preview a specially crafted file.
This security update is rated Critical for Microsoft Exchange Server 2007 Service Pack 3, and Microsoft Exchange Server 2010 Service Pack 2.
Microsoft Exchange Server 2007 Service Pack 3
Microsoft Exchange Server 2010 Service Pack 2
Refer to Microsoft Security Bulletin MS13-012 for further details.
Workaround:
1. Disable WebReady document view
Log in to the Exchange Management Shell as an Exchange Organization Administrator.
Issue the following PowerShell command:
Get-OwaVirtualDirectory | where {$_.OwaVersion -eq 'Exchange2007' -or $_.OwaVersion -eq 'Exchange2010'} | Set-OwaVirtualDirectory -WebReadyDocumentViewingOnPublicComputersEnabled:$False -WebReadyDocumentViewingOnPrivateComputersEnabled:$False
Impact of workaround: OWA users may not be able to preview the content of email attachments.
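After running the Set-OwaVirtualDirectory command above, it is worth confirming that every Exchange 2007 and 2010 OWA virtual directory in the organization actually picked up the change, since a single directory left enabled keeps the exposure. The following PowerShell function is an added example, not code from the Qualys advisory or from Microsoft; it is meant to be run in the Exchange Management Shell and uses only the cmdlets and property names that appear in the workaround. With the -Remediate switch it applies the advisory's own setting to any directory where WebReady Document Viewing is still on.

```powershell
# Added example, not from the Qualys advisory or Microsoft: verify (and optionally
# enforce) the MS13-012 workaround across all Exchange 2007/2010 OWA virtual
# directories. Run from the Exchange Management Shell.
function Test-WebReadyDisabled {
    param([switch]$Remediate)

    # Same selection as the advisory's command.
    $dirs = Get-OwaVirtualDirectory | Where-Object {
        $_.OwaVersion -eq 'Exchange2007' -or $_.OwaVersion -eq 'Exchange2010'
    }

    $report = foreach ($d in $dirs) {
        [pscustomobject]@{
            Server     = $d.Server
            Name       = $d.Name
            OwaVersion = $d.OwaVersion
            PublicOn   = [bool]$d.WebReadyDocumentViewingOnPublicComputersEnabled
            PrivateOn  = [bool]$d.WebReadyDocumentViewingOnPrivateComputersEnabled
            Identity   = $d.Identity
        }
    }
    $report | Format-Table Server, Name, OwaVersion, PublicOn, PrivateOn -AutoSize

    $stillOn = @($report | Where-Object { $_.PublicOn -or $_.PrivateOn })
    if ($stillOn.Count -eq 0) {
        "WebReady Document Viewing is disabled on all $(@($report).Count) OWA virtual directories."
        return
    }

    Write-Warning "WebReady Document Viewing is still enabled on $($stillOn.Count) OWA virtual directory(ies)."
    if ($Remediate) {
        foreach ($r in $stillOn) {
            # Apply the advisory's setting to this directory only.
            Set-OwaVirtualDirectory -Identity $r.Identity `
                -WebReadyDocumentViewingOnPublicComputersEnabled:$false `
                -WebReadyDocumentViewingOnPrivateComputersEnabled:$false
            "Disabled WebReady Document Viewing on $($r.Identity)."
        }
    }
}

Test-WebReadyDisabled               # report only
# Test-WebReadyDisabled -Remediate  # report, then disable wherever still enabled
```

Run the report-only form first; if it warns about remaining directories, rerun with -Remediate, then run it once more to confirm a clean result. Once the MS13-012 update is installed, the same function lets you confirm the state before re-enabling the feature.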
Remote code execution vulnerabilities exist in FAST Search Server 2010 for SharePoint with the Advanced Filter Pack enabled. The vulnerabilities exist in the way that the Oracle Outside In libraries, used by the Advanced Filter Pack, parse specially crafted files.
By default, Advanced Filter Pack in FAST is disabled.
Microsoft has released a security update that addresses the vulnerabilities by updating the affected Oracle Outside In libraries to a non-vulnerable version.
This security update is rated Important for supported editions of FAST Search Server 2010 for SharePoint.
Microsoft FAST Search Server 2010 for SharePoint Service Pack 1
Refer to Microsoft Security Bulletin MS13-013 for further details.
Workaround:
1) Disable the Advanced Filter Pack for FAST Search Server 2010 for SharePoint
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Refer to Microsoft Security Bulletin MS13-014 for further details.
An elevation of privilege vulnerability exists in the way that the .NET Framework elevates the permissions of a callback function when a particular Windows Forms object is created (CVE-2013-0073).
This security update is rated Important for Microsoft .NET Framework 2.0 Service Pack 2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4, and Microsoft .NET Framework 4.5 on affected editions of Microsoft Windows.
Windows Embedded Systems: For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
February 2013 Security Updates Are on MyOEM and ECE for XPe SP3 and Standard 2009
Windows XP Service Pack 3 (Microsoft .NET Framework 2.0 Service Pack 2)
Windows XP Service Pack 3 (Microsoft .NET Framework 4)
Windows XP Professional x64 Edition Service Pack 2 (Microsoft .NET Framework 2.0 Service Pack 2)
Windows XP Professional x64 Edition Service Pack 2 (Microsoft .NET Framework 4)
Windows Server 2003 Service Pack 2 (Microsoft .NET Framework 2.0 Service Pack 2)
Windows Server 2003 Service Pack 2 (Microsoft .NET Framework 4)
Windows Server 2003 x64 Edition Service Pack 2 (Microsoft .NET Framework 2.0 Service Pack 2)
Windows Server 2003 x64 Edition Service Pack 2 (Microsoft .NET Framework 4)
Windows Server 2003 with SP2 for Itanium-based Systems (Microsoft .NET Framework 2.0 Service Pack 2)
Windows Server 2003 with SP2 for Itanium-based Systems (Microsoft .NET Framework 4)
Windows Vista Service Pack 2 (Microsoft .NET Framework 2.0 Service Pack 2)
Windows Vista Service Pack 2 (Microsoft .NET Framework 4)
Windows Vista Service Pack 2 (Microsoft .NET Framework 4.5)
Windows Vista x64 Edition Service Pack 2 (Microsoft .NET Framework 2.0 Service Pack 2)
Windows Vista x64 Edition Service Pack 2 (Microsoft .NET Framework 4)
Windows Vista x64 Edition Service Pack 2 (Microsoft .NET Framework 4.5)
Windows Server 2008 for 32-bit Systems Service Pack 2 (Microsoft .NET Framework 2.0 Service Pack 2)
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS13-015.
The security update addresses the vulnerabilities by correcting the way that the Windows kernel-mode driver handles objects in memory.
This security update is rated Important for all supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, and Windows RT.
Windows Embedded Systems: For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
February 2013 Security Updates Are on MyOEM and ECE for XPe SP3 and Standard 2009 (KB2778344)
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS13-016.
Windows kernel is prone to multiple elevation of privilege vulnerabilities because it improperly handles objects in memory (CVE-2013-1278, CVE-2013-1279, CVE-2013-1280).
This security update is rated Important for all supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, and Windows RT.
Windows Embedded Systems: For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
February 2013 Security Updates Are on MyOEM and ECE for XPe SP3 and Standard 2009
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS13-017.
A denial of service vulnerability exists in the Windows TCP/IP stack that could cause the target system to stop responding and automatically restart.
The vulnerability occurs when the TCP/IP stack improperly handles a connection termination sequence.
This security update is rated Important for all supported editions of Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, and Windows RT.
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS13-018.
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Refer to Microsoft Security Bulletin MS13-019 for further details.
A remote code execution vulnerability is caused by the way OLE Automation parses a specially crafted file.
The security update addresses the vulnerability by correcting the way in which OLE Automation parses files.
This security update is rated Critical for Windows XP Service Pack 3.
Windows Embedded Systems: For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
February 2013 Security Updates Are on MyOEM and ECE for XPe SP3 and Standard 2009 (KB2802968)
Refer to Microsoft Security Bulletin MS13-020 for further details.
These new vulnerability checks are included in Qualys vulnerability signature 2.2.356-3. Each Qualys account is automatically updated with the latest vulnerability signatures as they become available. To view the vulnerability signature version in your account, from the Qualys Help menu, select the About tab.
To perform a selective vulnerability scan, configure a scan profile to use the following options:
In addition, prior to running a scan for these new vulnerabilities, you can estimate your exposure to these new threats by running the Risk Analysis Report, available from the Qualys Vulnerability Management Reports tab.
Platforms and Platform Identification
For more information, customers may contact Qualys Technical Support.
The Enterprise TruRisk Platform and its integrated suite of security and compliance applications provide organizations of all sizes with a global view of their security and compliance solutions, while drastically reducing their total cost of ownership. Qualys solutions include: continuous monitoring, vulnerability management, policy compliance, PCI compliance, security assessment questionnaire, web application scanning, web application firewall, malware detection and SECURE Seal for security testing of web sites.