Patch Analysis for February 2013

This month there are a few specific servers that need attention.  These include NFS servers that facilitate integration with UNIX servers. Also the Fast Search Server and of course, Terminal Servers. Exchange Server contains a couple of exploitable vulnerabilities through the WebReady Document Viewing feature that allows user to use OWA to preview documents. The workaround disables this feature. MS13-018 will affect all servers but it is not as critical. Workstations on the other hand will require considerable time to update and some of the bulletins address a large number of vulnerabilities.
 
Break away from WSUS and get centralized enterprise patch for Microsoft AND Flash, Acrobat, Java, and even for other platforms – all on one pane of glass with Lumension Patch and Remediation. But patch is just one slice of the pie. Add full endpoint security (AV, patch, encryption, device control, app control) to that same pane of glass with the Lumension® Endpoint Management and Security Suite. One agent, one console to address all risk vectors.
BulletinExploit Types
/Technologies Affected
System Types AffectedExploit
details public?
/ Being exploited?
Comprehensive,
practical
workaround
available?
MS severity ratingProducts AffectedNotesRandy's recommendation
MS13-016

2778344
Privilege elevation

/ Windows kernel mode drivers
Workstations
Terminal Servers
No/NoNoImportant XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
Restart req'dPatch after testing
MS13-011

2780091
Arbitrary code

/ DirectShow
Workstations
Terminal Servers
Yes/NoNoCritical XP
Vista
Server 2003
Server 2008
 Patch after testing
MS13-013

2784242
Arbitrary code

/ Fast Search Server
Sharepoint Servers
Yes/NoYesImportant Fast Search Server 2010
 Patch after testing; Apply workaround in meantime
MS13-019

2790113
Privilege elevation

/ CSRSS
Workstations
Terminal Servers
Yes/NoNoImportant Server 2008 R2
Windows 7
Restart Req'dPatch after testing
MS13-018

2790655
Denial of service

/ TCP/IP
Servers
No/NoNoImportant Vista
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
Restart Req'dPatch after testing
MS13-014

2790978
Denial of service

/ NFS Server
Servers
No/NoNoImportant Server 2008 R2
Server 2012
Restart Req'dPatch after testing
MS13-009

2792100
Arbitrary code

/ Internet Explorer
Workstations
Terminal Servers
No/NoNoCritical XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
Cumulative Update; Restart Req'dPatch after testing
MS13-010

2797052
Arbitrary code

/ Internet Explorer
Workstations
Terminal Servers
No/YesNoCritical XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
 Patch after testing
MS13-017

2799494
Privilege elevation

/ Windows kernel
Workstations
Terminal Servers
No/NoNoImportant XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
Multiple vulnerabilitiesPatch after testing
MS13-015

2800277
Privilege elevation

/ .Net Framework
Workstations
Terminal Servers
Servers
No/NoNoImportant XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
 Patch after testing
MS13-020

2802968
Arbitrary code

/ OLE
Workstations
No/NoNoCritical XP
Restart Req'dPatch after testing
MS13-012

2809279
Arbitrary code

/ Exchange
Exchange Servers
Yes/NoYesCritical Exchange 2007
Exchange 2010
 Patch after testing; Apply workaround in meantime

Receive Randy's same-day, independent analysis each Patch Tuesday

Email:
We will not share your address. Unsubscribe anytime. 

"Thank you. I am very glad I subscribed to this newsletter.  Relevant content clearly and concisely. Finally!!!"

- John K.

"I really like the Fast Facts on this Month's Microsoft Security Bulletins. Do you keep old copies? If yes, please let me know how I can access them?"

-Susan D.

"Thanks, Randy. Your regular updates have streamlined my monthly patching. Much appreciated,"

-  Steve T.

"Really appreciate your patch observor. In the corporate IT world, anything we can get our hands on that speeds the process of analyzing threats and how they may or may not apply to our environments is a God-send. Thanks so much for your efforts."

- Tess G.

"Many thanks for this Randy"

- Roger G.

"The chart is a REAAALLY good idea :)"

- Phil J.

"I like the table. Your insight is very valuable. "

Tom C.

"I liked your high level overview of patches in the table. There are so many sources of patch information which can be very specific or surrounded by other stuff that it’s refreshing to get everything summarised like this. The “Randy’s Recommendation” comment is useful starting point too. Please keep up the good work."

- David A.

"Your Patch Observer is a very good tool in making the decision whether to patch or not to patch. And also to patch asap or to wait a while before patching. Also I do think the use of the table is realy improving the readability of the provided information."

- Gerard T.

 

Additional Resources