|
|
| On December
10, 2013, Microsoft is planning to release 11 new security bulletins. Below
is a summary.
|
|
NEW BULLETIN SUMMARY
|
|
|
|
|
Bulletin
ID
|
Maximum
Severity Rating
|
Vulnerability
Impact
|
Restart
Requirement
|
Affected
Software*
|
|
Bulletin
1
|
Critical
|
Remote
Code Execution
|
Requires
restart
|
Windows
Vista, Windows Server 2008, Office 2003, Office 2007, Office 2010,
Office Compatibility Pack, Lync 2010, Lync 2010 Attendee, Lync 2013,
and Lync Basic 2013.
|
|
Bulletin
2
|
Critical
|
Remote
Code Execution
|
Requires
restart
|
Internet
Explorer on Windows XP, Windows Server 2003,Windows Vista, Windows
Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows 8.1,
Windows Server 2012, Windows Server 2012 R2, Windows RT, and Windows RT
8.1.
|
|
Bulletin
3
|
Critical
|
Remote
Code Execution
|
Requires
restart
|
Windows
XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7,
Windows Server 2008 R2, Windows 8, Windows 8.1, Windows Server 2012,
Windows Server 2012 R2, Windows RT, and Windows RT 8.1.
|
|
Bulletin
4
|
Critical
|
Remote
Code Execution
|
May
require restart
|
Windows
XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7,
Windows Server 2008 R2, Windows 8, Windows 8.1, Windows Server 2012,
Windows Server 2012 R2, Windows RT, and Windows RT 8.1.
|
|
Bulletin
5
|
Critical
|
Remote
Code Execution
|
No
restart required
|
Microsoft
Exchange Server 2007, Exchange Server 2010, and Exchange Server 2013.
|
|
Bulletin
6
|
Important
|
Remote
Code Execution
|
May
require restart
|
Microsoft SharePoint Server 2010,
SharePoint Server 2013, and Office Web Apps Server 2013.
|
|
Bulletin
7
|
Important
|
Elevation
of Privilege
|
Requires
restart
|
Windows
XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7,
Windows Server 2008 R2, Windows 8, Windows 8.1, Windows Server 2012,
Windows Server 2012 R2, Windows RT, and Windows RT 8.1.
|
|
Bulletin
8
|
Important
|
Elevation
of Privilege
|
Requires
restart
|
Windows
XP and Windows Server 2003.
|
|
Bulletin
9
|
Important
|
Elevation
of Privilege
|
No
restart required
|
ASP.NET
SignalR and Microsoft Visual Studio Team Foundation Server 2013.
|
|
Bulletin
10
|
Important
|
Information
Disclosure
|
May
require restart
|
Microsoft
Office 2013 and Office 2013 RT.
|
|
Bulletin
11
|
Important
|
Security
Feature Bypass
|
May
require restart
|
Microsoft
Office 2007 and Office 2010.
|
|
*
The list of affected software in the summary table is an abstract. To see
the full list of affected components please click on the "Advance
Notification Webpage" link below and review the "Affected
Software" section.
|
|
|
|
|
|
|
Although we do not anticipate
any changes, the number of bulletins, products affected, restart information,
and severities are subject to change until released.
Advance Notification Webpage: The full version of the Microsoft
Security Bulletin Advance Notification for this month can be found at http://technet.microsoft.com/security/bulletin/ms13-dec.
Microsoft Windows Malicious Software Removal Tool: Microsoft will
release an updated version of the Microsoft Windows Malicious Software
Removal Tool on Windows Update, Microsoft Update, Windows Server Update
Services, and the Download Center.
Monthly Security Bulletin Webcast: To address customer questions on
these bulletins Microsoft will host a webcast next Wednesday, December 11,
2013, at 11:00 A.M. Pacific Time (UTC-8). Registration for this event and
other details can be found at http://technet.microsoft.com/security/bulletin/
|
|
No comments:
Post a Comment