Microsoft security alert.
July 9, 2013
Advisory overview
Qualys Vulnerability R&D Lab has released new vulnerability checks in the Enterprise TruRisk Platform to protect organizations against 36 vulnerabilities that were fixed in 7 bulletins announced today by Microsoft. Customers can immediately audit their networks for these and other new vulnerabilities by accessing their Qualys subscription. Visit Qualys Security Blog to prioritize remediation.
Non-Qualys customers can audit their network for these and other vulnerabilities by signing up for a Qualys Free Trial, or by trying Qualys Community Edition.
Vulnerability details
Microsoft has released 7 security bulletins to fix newly discovered flaws in their software. Qualys has released the following checks for these new vulnerabilities:
-
Microsoft Windows Kernel-Mode Drivers Remote Code Execution (MS13-053)
- Severity
- Urgent 5
- Qualys ID
- 90894
- Vendor Reference
- MS13-053
- CVE Reference
- CVE-2013-1300, CVE-2013-1340, CVE-2013-1345, CVE-2013-3129, CVE-2013-3167, CVE-2013-3172, CVE-2013-3173, CVE-2013-3660, CVE-2013-3661
- CVSS Scores
- Base 9.3 / Temporal 7.7
- Description
-
The Windows kernel is the core of the operating system. It provides system-level services such as device management and memory management, allocates processor time to processes, and manages error handling.
The kernel is prone to the following vulnerabilities:
- An elevation of privilege vulnerability exists when the Windows kernel-mode driver improperly handles objects in memory. (CVE-2013-1300, CVE-2013-1345, CVE-2013-3173)
- An elevation of privilege vulnerability exists in the way that the Windows kernel-mode driver improperly handles objects in memory. (CVE-2013-1340)
- A remote code execution vulnerability exists in the way affected components handle a specially crafted TrueType font files. (CVE-2013-3129)
- An information disclosure vulnerability that could lead to elevation of privilege exists in the way the Windows kernel-mode driver improperly handles objects in memory. (CVE-2013-3167)
- A denial of service vulnerability exists in the way the Windows kernel-mode driver improperly handles objects in memory. (CVE-2013-3172)
- A theoretical remote code execution vulnerability exists when the Windows kernel-mode driver improperly handles objects in memory. (CVE-2013-3660)
Microsoft has released a security update that addresses the vulnerabilities by correcting the way the Windows kernel-mode drivers handle objects in memory and correcting the way Windows handles specially crafted TrueType Font (TTF) files.
This security update is rated Critical for all supported releases of Microsoft Windows.
- Consequence
-
Successful exploitation of these vulnerabilities could allow a local attacker to execute arbitrary code with elevated privileges.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS13-053.
-
Microsoft .NET Framework and Silverlight Multiple Code Execution Vulnerabilities (MS13-052)
- Severity
- Critical 4
- Qualys ID
- 90896
- Vendor Reference
- MS13-052
- CVE Reference
- CVE-2013-3129, CVE-2013-3131, CVE-2013-3132, CVE-2013-3133, CVE-2013-3134, CVE-2013-3171, CVE-2013-3178
- CVSS Scores
- Base 9.3 / Temporal 7.7
- Description
-
The Microsoft .NET Framework is a software framework for computers running Microsoft Windows operating systems.
Microsoft .NET Framework is exposed to the following vulnerabilities:
1) A remote code execution vulnerability exists in the way affected components handle specially crafted TrueType font files (CVE-2013-3129).
2) A remote code execution vulnerability exists in the way the .NET Framework handles multidimensional arrays of small structures (CVE-2013-3131).
3) An elevation of privilege vulnerability exists in the way .NET Framework validates the permissions of certain objects performing reflection (CVE-2013-3132).
4) An elevation of privilege vulnerability exists in the way the .NET Framework validates permissions for objects involved with reflection (CVE-2013-3133).
5) A remote code execution vulnerability exists in the way Microsoft .NET Framework allocates arrays of small structures (CVE-2013-3134).
6) An elevation of privilege vulnerability exists in the way the .NET Framework validates permissions for delegate objects during serialization (CVE-2013-3171).
This security update is rated Important for Microsoft .NET Framework 1.0 Service Pack 3, Microsoft .NET Framework 1.1 Service Pack 1, and .NET Framework 3.5 Service Pack 1, and rated Critical for Microsoft .NET Framework 2.0 Service Pack 2, Microsoft .NET Framework 3.0 Service Pack 2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4, and Microsoft .NET Framework 4.5 on affected editions of Microsoft Windows. The update is also rated Important for affected editions of Microsoft Silverlight 5.
- Consequence
- Successfully exploiting these vulnerabilities might allow a remote attacker to execute arbitrary code.
- Solution
-
Refer to MS13-052 for further information.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS13-052 Microsoft Silverlight 5
MS13-052 Microsoft Silverlight 5
MS13-052 Microsoft Silverlight 5
MS13-052 Microsoft Silverlight 5
MS13-052 Microsoft Silverlight 5
MS13-052 Microsoft Silverlight 5 Developer Runtime
MS13-052 Microsoft Silverlight 5 Developer Runtime
MS13-052 Microsoft Silverlight 5 Developer Runtime
MS13-052 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS13-052 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS13-052 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS13-052 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS13-052 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 4)
MS13-052 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 4)
MS13-052 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 4.5)
MS13-052 Windows 7 for 32-bit Systems Service Pack 1(Microsoft .NET Framework 4.5)
MS13-052 Windows 7 for 32-bit Systems Service Pack 1
MS13-052 Windows 7 for 32-bit Systems Service Pack 1
MS13-052 Windows 7 for 32-bit Systems Service Pack 1
MS13-052 Windows 7 for 32-bit Systems Service Pack 1
MS13-052 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS13-052 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS13-052 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS13-052 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS13-052 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 4)
MS13-052 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 4)
MS13-052 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 4.5)
MS13-052 Windows 7 for x64-based Systems Service Pack 1(Microsoft .NET Framework 4.5)
MS13-052 Windows 7 for x64-based Systems Service Pack 1
MS13-052 Windows 7 for x64-based Systems Service Pack 1
MS13-052 Windows 7 for x64-based Systems Service Pack 1
MS13-052 Windows 7 for x64-based Systems Service Pack 1
MS13-052 Windows 8 for 32-bit Systems(Microsoft .NET Framework 3.5)
MS13-052 Windows 8 for 32-bit Systems(Microsoft .NET Framework 3.5)
MS13-052 Windows 8 for 32-bit Systems(Microsoft .NET Framework 3.5)
MS13-052 Windows 8 for 32-bit Systems(Microsoft .NET Framework 3.5)
MS13-052 Windows 8 for 32-bit Systems(Microsoft .NET Framework 4.5)
MS13-052 Windows 8 for 32-bit Systems(Microsoft .NET Framework 4.5)
MS13-052 Windows 8 for 64-bit Systems(Microsoft .NET Framework 3.5)
MS13-052 Windows 8 for 64-bit Systems(Microsoft .NET Framework 3.5)
MS13-052 Windows 8 for 64-bit Systems(Microsoft .NET Framework 3.5)
MS13-052 Windows 8 for 64-bit Systems(Microsoft .NET Framework 3.5)
MS13-052 Windows 8 for 64-bit Systems(Microsoft .NET Framework 4.5)
MS13-052 Windows 8 for 64-bit Systems(Microsoft .NET Framework 4.5)
MS13-052 Windows Server 2003 Service Pack 2(Microsoft .NET Framework 1.1 Service Pack 1)
MS13-052 Windows Server 2003 Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows Server 2003 Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows Server 2003 Service Pack 2(Microsoft .NET Framework 3.0 Service Pack 2)
MS13-052 Windows Server 2003 Service Pack 2(Microsoft .NET Framework 3.5 Service Pack 1)
MS13-052 Windows Server 2003 Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Server 2003 Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Server 2003 Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Server 2003 with SP2 for Itanium-based Systems(Microsoft .NET Framework 1.1 Service Pack 1)
MS13-052 Windows Server 2003 with SP2 for Itanium-based Systems(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows Server 2003 with SP2 for Itanium-based Systems(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows Server 2003 with SP2 for Itanium-based Systems(Microsoft .NET Framework 3.5 Service Pack 1)
MS13-052 Windows Server 2003 with SP2 for Itanium-based Systems(Microsoft .NET Framework 4)
MS13-052 Windows Server 2003 with SP2 for Itanium-based Systems(Microsoft .NET Framework 4)
MS13-052 Windows Server 2003 x64 Edition Service Pack 2(Microsoft .NET Framework 1.1 Service Pack 1)
MS13-052 Windows Server 2003 x64 Edition Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows Server 2003 x64 Edition Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows Server 2003 x64 Edition Service Pack 2(Microsoft .NET Framework 3.0 Service Pack 2)
MS13-052 Windows Server 2003 x64 Edition Service Pack 2(Microsoft .NET Framework 3.5 Service Pack 1)
MS13-052 Windows Server 2003 x64 Edition Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Server 2003 x64 Edition Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Server 2003 x64 Edition Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS13-052 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS13-052 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS13-052 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1(Microsoft .NET Framework 4)
MS13-052 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1(Microsoft .NET Framework 4)
MS13-052 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS13-052 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS13-052 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
MS13-052 Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 (Server Core installation)(Microsoft .NET Framework 4)
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 3.5.1)
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 4)
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 4)
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 4.5)
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Microsoft .NET Framework 4.5)
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)(Microsoft .NET Framework 3.5.1)
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)(Microsoft .NET Framework 3.5.1)
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)(Microsoft .NET Framework 3.5.1)
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)(Microsoft .NET Framework 4)
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)(Microsoft .NET Framework 4.5)
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)(Microsoft .NET Framework 4.5)
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
MS13-052 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
MS13-052 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 1.1 Service Pack 1)
MS13-052 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 3.0 Service Pack 2)
MS13-052 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 3.5 Service Pack 1)
MS13-052 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 4.5)
MS13-052 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 4.5)
MS13-052 Windows Server 2008 for 32-bit Systems Service Pack 2(Microsoft .NET Framework 4.5)
MS13-052 Windows Server 2008 for 32-bit Systems Service Pack 2
MS13-052 Windows Server 2008 for Itanium-based Systems Service Pack 2(Microsoft .NET Framework 1.1 Service Pack 1)
MS13-052 Windows Server 2008 for Itanium-based Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows Server 2008 for Itanium-based Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows Server 2008 for Itanium-based Systems Service Pack 2(Microsoft .NET Framework 3.5 Service Pack 1)
MS13-052 Windows Server 2008 for Itanium-based Systems Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Server 2008 for Itanium-based Systems Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 1.1 Service Pack 1)
MS13-052 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 3.0 Service Pack 2)
MS13-052 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 3.5 Service Pack 1)
MS13-052 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 4.5)
MS13-052 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 4.5)
MS13-052 Windows Server 2008 for x64-based Systems Service Pack 2(Microsoft .NET Framework 4.5)
MS13-052 Windows Server 2008 for x64-based Systems Service Pack 2
MS13-052 Windows Server 2012(Microsoft .NET Framework 3.5)
MS13-052 Windows Server 2012(Microsoft .NET Framework 3.5)
MS13-052 Windows Server 2012(Microsoft .NET Framework 3.5)
MS13-052 Windows Server 2012(Microsoft .NET Framework 3.5)
MS13-052 Windows Server 2012(Microsoft .NET Framework 4.5)
MS13-052 Windows Server 2012(Microsoft .NET Framework 4.5)
MS13-052 Windows Server 2012 (Server Core installation)(Microsoft .NET Framework 3.5)
MS13-052 Windows Server 2012 (Server Core installation)(Microsoft .NET Framework 3.5)
MS13-052 Windows Server 2012 (Server Core installation)(Microsoft .NET Framework 3.5)
MS13-052 Windows Server 2012 (Server Core installation)(Microsoft .NET Framework 3.5)
MS13-052 Windows Server 2012 (Server Core installation)(Microsoft .NET Framework 4.5)
MS13-052 Windows Server 2012 (Server Core installation)(Microsoft .NET Framework 4.5)
MS13-052 Windows Vista Service Pack 2(Microsoft .NET Framework 1.1 Service Pack 1)
MS13-052 Windows Vista Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows Vista Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows Vista Service Pack 2(Microsoft .NET Framework 3.0 Service Pack 2)
MS13-052 Windows Vista Service Pack 2(Microsoft .NET Framework 3.5 Service Pack 1)
MS13-052 Windows Vista Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Vista Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Vista Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Vista Service Pack 2(Microsoft .NET Framework 4.5)
MS13-052 Windows Vista Service Pack 2(Microsoft .NET Framework 4.5)
MS13-052 Windows Vista Service Pack 2(Microsoft .NET Framework 4.5)
MS13-052 Windows Vista Service Pack 2
MS13-052 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 1.1 Service Pack 1)
MS13-052 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 3.0 Service Pack 2)
MS13-052 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 3.5 Service Pack 1)
MS13-052 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 4.5)
MS13-052 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 4.5)
MS13-052 Windows Vista x64 Edition Service Pack 2(Microsoft .NET Framework 4.5)
MS13-052 Windows Vista x64 Edition Service Pack 2
MS13-052 Windows XP Professional x64 Edition Service Pack 2(Microsoft .NET Framework 1.1 Service Pack 1)
MS13-052 Windows XP Professional x64 Edition Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows XP Professional x64 Edition Service Pack 2(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows XP Professional x64 Edition Service Pack 2(Microsoft .NET Framework 3.0 Service Pack 2)
MS13-052 Windows XP Professional x64 Edition Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows XP Professional x64 Edition Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows XP Professional x64 Edition Service Pack 2(Microsoft .NET Framework 4)
MS13-052 Windows XP Service Pack 3(Microsoft .NET Framework 1.0 Service Pack 3)
MS13-052 Windows XP Service Pack 3(Microsoft .NET Framework 1.1 Service Pack 1)
MS13-052 Windows XP Service Pack 3(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows XP Service Pack 3(Microsoft .NET Framework 2.0 Service Pack 2)
MS13-052 Windows XP Service Pack 3(Microsoft .NET Framework 3.0 Service Pack 2)
MS13-052 Windows XP Service Pack 3(Microsoft .NET Framework 3.5 Service Pack 1)
MS13-052 Windows XP Service Pack 3(Microsoft .NET Framework 4)
MS13-052 Windows XP Service Pack 3(Microsoft .NET Framework 4)
MS13-052 Windows XP Service Pack 3(Microsoft .NET Framework 4)
-
Microsoft GDI+ Remote Code Execution Vulnerability (MS13-054)
- Severity
- Urgent 5
- Qualys ID
- 90895
- Vendor Reference
- MS13-054
- CVE Reference
- CVE-2013-3129
- CVSS Scores
- Base 9.3 / Temporal 7.7
- Description
-
A remote code execution vulnerability exists in the way affected Windows components and other affected software handle specially crafted TrueType font files. The vulnerability could allow remote code execution if a user views shared content that embeds TrueType font files.
Affected Software:
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows 8 for 32-bit Systems
Windows 8 for 64-bit Systems
Windows Server 2012
Windows RTMicrosoft Office 2003 Service Pack 3
Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 1(32-bit editions)
Microsoft Office 2010 Service Pack 1(64-bit editions)
Microsoft Visual Studio .NET 2003 Service Pack 1
Microsoft Lync 2010 (32-bit)
Microsoft Lync 2010 (64-bit)
Microsoft Lync 2010 Attendee(user level install)
Microsoft Lync 2010 Attendee(admin level install)
Microsoft Lync 2013 (32-bit)
Microsoft Lync Basic 2013 (32-bit)
Microsoft Lync 2013 (64-bit)
Microsoft Lync Basic 2013(64-bit)This security update is rated Critical for all supported editions.
- Consequence
-
An attacker who successfully exploited the vulnerability through Windows GDI+ and Windows components could run arbitrary code in kernel mode and take complete control of an affected system.
An attacker who successfully exploited the vulnerability through Microsoft Office, Microsoft Visual Studio, or Microsoft Lync could gain the same user rights as the current user.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista x64 Edition Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS13-054.
-
Microsoft Internet Explorer Multiple Remote Code Execution Vulnerabilities (MS13-055)
- Severity
- Urgent 5
- Qualys ID
- 100157
- Vendor Reference
- MS13-055
- CVE Reference
- CVE-2013-3115, CVE-2013-3143, CVE-2013-3144, CVE-2013-3145, CVE-2013-3146, CVE-2013-3147, CVE-2013-3148, CVE-2013-3149, CVE-2013-3150, CVE-2013-3151, CVE-2013-3152, CVE-2013-3153, CVE-2013-3161, CVE-2013-3162, CVE-2013-3163, CVE-2013-3164, CVE-2013-3166, CVE-2013-3846
- CVSS Scores
- Base 9.3 / Temporal 7.7
- Description
-
Microsoft Internet Explorer is a graphical web browser developed by Microsoft and included as part of the Microsoft Windows operating systems.
Microsoft Internet Explorer is affected by following vulnerabilities :
1. Multiple memory corruption vulnerabilities that exists in the way that Internet Explorer handles objects in memory.
2. A cross-site-scripting vulnerability due to a Shift JIS Character Encoding issue
An attacker could host a specially crafted website designed to exploit these vulnerabilities through Internet Explorer and then convince a user to view the website.
This security update is rated Critical for Internet Explorer 6, 7, 8, 9 and 10 on Windows clients and Moderate for Internet Explorer 6, 7, 8, 9 and 10 on Windows servers.
- Consequence
-
An attacker who successfully exploited these vulnerabilities could execute arbitrary code on affected systems with the same rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operates with administrative user rights.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:Windows XP Service Pack 3 (Internet Explorer 6)
Windows XP Professional x64 Edition Service Pack 2 (Internet Explorer 6)
Windows Server 2003 Service Pack 2 (Internet Explorer 6)
Windows Server 2003 x64 Edition Service Pack 2 (Internet Explorer 6)
Windows Server 2003 with SP2 for Itanium-based Systems (Internet Explorer 6)
Windows XP Service Pack 3 (Internet Explorer 7)
Windows XP Professional x64 Edition Service Pack 2 (Internet Explorer 7)
Windows Server 2003 Service Pack 2 (Internet Explorer 7)
Windows Server 2003 x64 Edition Service Pack 2 (Internet Explorer 7)
Windows Server 2003 with SP2 for Itanium-based Systems (Internet Explorer 7)
Windows Vista Service Pack 2 (Internet Explorer 7)
Windows Vista x64 Edition Service Pack 2 (Internet Explorer 7)
Windows Server 2008 for 32-bit Systems Service Pack 2 (Internet Explorer 7)
Windows Server 2008 for x64-based Systems Service Pack 2 (Internet Explorer 7)
Windows Server 2008 for Itanium-based Systems Service Pack 2 (Internet Explorer 7)
Windows XP Service Pack 3 (Internet Explorer 8)
Windows XP Professional x64 Edition Service Pack 2 (Internet Explorer 8)
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS13-055.
Workaround:
1. Set Internet and Local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones
2. Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone
-
Microsoft Windows DirectShow Arbitrary Memory Overwrite Remote Code Execution Vulnerability (MS13-056)
- Severity
- Critical 4
- Qualys ID
- 90897
- Vendor Reference
- MS13-056
- CVE Reference
- CVE-2013-3174
- CVSS Scores
- Base 9.3 / Temporal 7.3
- Description
-
Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. Microsoft DirectX is a feature of the Windows operating system used for streaming media to enable graphics and sound when playing games or watching video.
A remote code execution vulnerability exists in the way that Microsoft DirectShow parses Graphic Interchange Format (GIF) image files. Processing of malformed .gif images could allow remote, unauthenticated attackers to overwrite arbitrary memory locations and executing code leveraging these memory locations.
This security update is rated Critical for all supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 (except Itanium-based editions), Windows 7, Windows Server 2008 R2 (except Itanium-based editions), Windows 8, and Windows Server 2012.
- Consequence
-
Successful exploitation could allow unauthenticated, remote attackers to execute arbitrary code under the security context of the targeted user. On systems that allow administrative logon, an exploit could lead to a complete system compromise.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Refer to Microsoft Security Bulletin MS13-056 for further details.
-
Microsoft Windows Media Format Runtime Remote Code Execution Vulnerability (MS13-057)
- Severity
- Urgent 5
- Qualys ID
- 90893
- Vendor Reference
- MS13-057
- CVE Reference
- CVE-2013-3127
- CVSS Scores
- Base 9.3 / Temporal 6.9
- Description
-
Windows Media Player is a feature of the Windows operating system for personal computers. It is used for playing audio and video.
Windows Media Player is prone to a vulnerability because it fails to properly parse specially crafted media files.
Microsoft has released a security update that addresses the vulnerability by modifying how Windows Media Player opens certain media files.
This security update is rated Critical for all supported releases of Windows, excluding Itanium-based editions of Windows servers.
Windows Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
July 2013 Security Updates are on MyOEM for XPe SP3 and Standard 2009 (KB2834903, 2834904)
- Consequence
- This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change or delete data; or create new accounts with full user rights.
- Solution
-
Refer to MS13-057 to obtain additional information.
Workaround:
1) Restrict access to the WMV codec using an interactive, managed script
Impact of workaround #1 - Applications that use the WMV codec will not be able to play content.2) Disable the WMV codec using an interactive, managed script
Impact of workaround #2 - WMV-encoded files will not play.Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS13-057 Windows 7 for 32-bit Systems Service Pack 1(Windows Media Player 12)
MS13-057 Windows 7 for x64-based Systems Service Pack 1(Windows Media Player 12)
MS13-057 Windows 8 for 32-bit Systems(Windows Media Player 12)
MS13-057 Windows 8 for 64-bit Systems(Windows Media Player 12)
MS13-057 Windows Server 2003 Service Pack 2(Windows Media Format Runtime 9.5)
MS13-057 Windows Server 2003 Service Pack 2(wmv9vcm.dll (codec))
MS13-057 Windows Server 2003 x64 Edition Service Pack 2(Windows Media Format Runtime 11)
MS13-057 Windows Server 2003 x64 Edition Service Pack 2(Windows Media Format Runtime 9.5)
MS13-057 Windows Server 2003 x64 Edition Service Pack 2(Windows Media Format Runtime 9.5 x64)
MS13-057 Windows Server 2003 x64 Edition Service Pack 2(wmv9vcm.dll (codec))
MS13-057 Windows Server 2008 R2 for x64-based Systems Service Pack 1(Windows Media Player 12)
MS13-057 Windows Server 2008 for 32-bit Systems Service Pack 2(Windows Media Player 11)
MS13-057 Windows Server 2008 for 32-bit Systems Service Pack 2(wmv9vcm.dll (codec))
MS13-057 Windows Server 2008 for x64-based Systems Service Pack 2(Windows Media Player 11)
MS13-057 Windows Server 2008 for x64-based Systems Service Pack 2(wmv9vcm.dll (codec))
MS13-057 Windows Server 2012(Windows Media Player 12)
MS13-057 Windows Vista Service Pack 2(Windows Media Player 11)
MS13-057 Windows Vista Service Pack 2(wmv9vcm.dll (codec))
MS13-057 Windows Vista x64 Edition Service Pack 2(Windows Media Player 11)
MS13-057 Windows Vista x64 Edition Service Pack 2(wmv9vcm.dll (codec))
MS13-057 Windows XP Professional x64 Edition Service Pack 2(Windows Media Format Runtime 11)
MS13-057 Windows XP Professional x64 Edition Service Pack 2(Windows Media Format Runtime 9.5)
MS13-057 Windows XP Professional x64 Edition Service Pack 2(Windows Media Format Runtime 9.5 x64)
MS13-057 Windows XP Professional x64 Edition Service Pack 2(wmv9vcm.dll (codec))
MS13-057 Windows XP Service Pack 3(Windows Media Format Runtime 11)
MS13-057 Windows XP Service Pack 3(Windows Media Format Runtime 9)
MS13-057 Windows XP Service Pack 3(Windows Media Format Runtime 9.5)
MS13-057 Windows XP Service Pack 3(Windows Media Format Runtime 9.5)
MS13-057 Windows XP Service Pack 3(wmv9vcm.dll (codec))
MS13-057 Windows XP Service Pack 3 (Media Center Edition only)(Windows Media Format Runtime 11)
MS13-057 Windows XP Service Pack 3 (Media Center Edition only)(Windows Media Format Runtime 9.5)
-
Microsoft Defender Elevation of Privilege Vulnerability (MS13-058)
- Severity
- Critical 4
- Qualys ID
- 121316
- Vendor Reference
- MS13-058
- CVE Reference
- CVE-2013-3154
- CVSS Scores
- Base 6.9 / Temporal 5.1
- Description
-
Windows Defender, formerly known as Microsoft AntiSpyware, is a software product that helps combat malware.
Windows Defender is exposed to an elevation of privilege issue. This issue is caused by the improper use of pathnames when attempting to load an affected version of the Windows Defender service.
Affected Software:
Windows Defender for Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1. - Consequence
- An attacker who successfully exploits this vulnerability can run arbitrary code on a user's system with system privileges and take complete control of an affected system.
- Solution
-
Patch:
Following are links for downloading patches to fix the vulnerabilities:Windows 7 for 32-bit Systems Service Pack 1 (Windows Defender for Windows 7 (x86))
Windows 7 for x64-based Systems Service Pack 1 (Windows Defender for Windows 7 (x64))
Refer to Microsoft Security Bulletin MS13-058 for further details.
These new vulnerability checks are included in Qualys vulnerability signature 2.2.479-3. Each Qualys account is automatically updated with the latest vulnerability signatures as they become available. To view the vulnerability signature version in your account, from the Qualys Help menu, select the About tab.
Selective Scan Instructions Using Qualys
To perform a selective vulnerability scan, configure a scan profile to use the following options:
- Ensure access to TCP ports 135 and 139 are available.
- Enable Windows Authentication (specify Authentication Records).
-
Enable the following Qualys IDs:
- 90894
- 90896
- 90895
- 100157
- 90897
- 90893
- 121316
- If you would like the scan to return the Windows Hostname, also include QID 82044 and ensure access to UDP port 137 is available.
- If you would like to be notified if Qualys is unable to log on to a host (if Authentication fails), also include QID 105015.
In addition, prior to running a scan for these new vulnerabilities, you can estimate your exposure to these new threats by running the Risk Analysis Report, available from the Qualys Vulnerability Management Reports tab.
Access for Qualys Customers
Platforms and Platform Identification
Technical Support
For more information, customers may contact Qualys Technical Support.
About Qualys
The Enterprise TruRisk Platform and its integrated suite of security and compliance applications provides organizations of all sizes with a global view of their security and compliance solutions, while drastically reducing their total cost of ownership. Qualys solutions include: continuous monitoring, vulnerability management, policy compliance, PCI compliance, security assessment questionnaire, web application scanning, web application firewall, malware detection and SECURE Seal for security testing of web sites.