Patch Analysis for September 2013

For September it's back to work for admins charged with keeping software up-to-date. First priority for servers is SharePoint MS13-067 where multiple vulnerabilities are fixed. The one that had been publicly disclosed, Mircosoft reports that exploit code is unlikely. Servers with Active Directory, AD LDS could be hit with a denial-of-service attack (MS13-079) MS13-070 is a critical update for Server 2003 and XP. The other updates released today have to do with Office, Internet Explorer and the Windows operating system.  The chart below is for Microsoft products, but don't forget third-party software.

Unwanted and unknown applications can introduce malware, decrease PC performance, consume disk space, reduce network bandwidth and ultimately reduce IT and user productivity. With the free Application Scanner Tool from Lumension you can:

  • Discover all applications and executables in your endpoint environment
  • Validate the integrity of applications and files against known vendor provenance; and
  • Identify and report on systems at risk with the most unknown executables and the most prevalent applications and unknown executables in your organization

Click here to download it now » 

Visit the Lumension Patch Tuesday Center

BulletinExploit Types
/Technologies Affected
System Types AffectedExploit
details public?
/ Being exploited?
Comprehensive,
practical
workaround
available?
MS severity ratingProducts AffectedNotesRandy's recommendation
MS13-073

2588300
Arbitrary code

/ Excel
Workstations
Terminal Servers
No/NoNoImportant Office 2003
Office 2007
Excel Viewer
Office Compatibility Pack
Office 2010
Office 2011 for MAC
Office 2013
Multiple vulnerabilitiesPatch after testing
MS13-068

2756473
Arbitrary code

/ Outlook
Workstations
Terminal Servers
No/NoNoCritical Office 2007
Office 2010
 Patch after testing
MS13-078

2825621
Information disclosure

/ FrontPage
Workstations
Servers
No/NoNoImportant Frontpage 2003
 Patch after testing
MS13-067

2834052
Arbitrary code

/ SharePoint
Workstations
Terminal Servers
Sharepoint Servers
Yes/NoNoCritical SharePoint Services 3.0
SharePoint Server 2007
SharePoint Services 2.0
SharePoint Server 2010
SharePoint Server 2013
Multiple vulnerabilitiesPatch after testing
MS13-072

2845537
Arbitrary code

/ Office
Workstations
Terminal Servers
No/NoNoImportant Office 2003
Office 2007
Word Viewer
Office Compatibility Pack
Office 2010
Multiple vulnerabilitiesPatch after testing
MS13-074

2848637
Arbitrary code

/ Access
Workstations
Terminal Servers
No/NoNoImportant Office 2007
Office 2010
Office 2013
Multiple vulnerabilitiesPatch after testing
MS13-079

2853587
Denial of service

/ Active Directory
Servers
Domain Controllers
No/NoNoImportant Vista
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
 Patch after testing
MS13-071

2864063
Arbitrary code

/ Windows Theme File
Workstations
No/NoNoImportant XP
Vista
Server 2003
Windows 8
 Patch after testing
MS13-069

2870699
Arbitrary code

/ Internet Explorer
Workstations
Terminal Servers
No/NoNoCritical XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
Windows RT
Cumulative Update; Restart Req'dPatch after testing
MS13-077

2872339
Privilege elevation

/ SCM
Workstations
Terminal Servers
No/NoNoImportant Server 2008 R2
Windows 7
Restart Req'dPatch after testing
MS13-070

2876217
Arbitrary code

/ OLE
Workstations
Servers
No/NoNoCritical XP
Server 2003
 Patch after testing
MS13-076

2876315
Privilege elevation

/ Kernel Mode Drivers
Workstations
Terminal Servers
No/NoNoImportant XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
Windows RT
Multiple vulnerabilitiesPatch after testing
MS13-075

2878687
Privilege elevation

/ Pinyin IME (Chinese)
Workstations
Terminal Servers
No/NoNoImportant Office 2010
 Patch after testing

Receive Randy's same-day, independent analysis each Patch Tuesday

Email:
We will not share your address. Unsubscribe anytime. 

"Thank you. I am very glad I subscribed to this newsletter.  Relevant content clearly and concisely. Finally!!!"

- John K.

"I really like the Fast Facts on this Month's Microsoft Security Bulletins. Do you keep old copies? If yes, please let me know how I can access them?"

-Susan D.

"Thanks, Randy. Your regular updates have streamlined my monthly patching. Much appreciated,"

-  Steve T.

"Really appreciate your patch observor. In the corporate IT world, anything we can get our hands on that speeds the process of analyzing threats and how they may or may not apply to our environments is a God-send. Thanks so much for your efforts."

- Tess G.

"Many thanks for this Randy"

- Roger G.

"The chart is a REAAALLY good idea :)"

- Phil J.

"I like the table. Your insight is very valuable. "

Tom C.

"I liked your high level overview of patches in the table. There are so many sources of patch information which can be very specific or surrounded by other stuff that it’s refreshing to get everything summarised like this. The “Randy’s Recommendation” comment is useful starting point too. Please keep up the good work."

- David A.

"Your Patch Observer is a very good tool in making the decision whether to patch or not to patch. And also to patch asap or to wait a while before patching. Also I do think the use of the table is realy improving the readability of the provided information."

- Gerard T.