
Contributor: Avdhoot Patil

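Targeting football clubs, famous players, and related events appears to be a habit among phishers. They repeat their despicable acts and have singled out football in particular. This time, they have set their sights on Real Madrid C.F. Based in Madrid, Spain, the club is one of the richest football clubs in the world and has a large number of fans.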

Figure. Fake Facebook phishing page using images of Real Madrid and Cristiano Ronaldo.

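As the figure shows, the phishing page uses content designed to highlight Real Madrid and asks users to enter their Facebook login credentials. The page is titled "Facebook Real Madrid Login", and an image of the club's Cristiano Ronaldo is used as the background. After users enter their login credentials, the phishing site redirects them to Real Madrid's legitimate Facebook community page. The redirect to a legitimate page is meant to make users believe the login was valid. Users who fall for this phishing site and enter their login credentials have their personal information stolen and become victims of identity theft.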

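Phishers know that using famous players and football teams with large fan bases gives them an enormous pool of targets and, as a result, a better chance of harvesting personal information. This trend continued in June 2013, with similar phishing tactics widespread.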

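Internet users are advised to take every possible precaution to prevent phishing attacks:

  • Do not click suspicious links in email messages.
  • Do not enter personal information when replying to an email.
  • Do not enter personal information in pop-up pages or pop-up windows.
  • When entering personal or account information, check for the padlock icon, "https", or a green address bar to confirm that the website is encrypted with SSL.
  • Use comprehensive security software, such as Norton Internet Security or Norton 360, that protects against phishing and social networking scams.
  • Do not carelessly click links sent by email or posted on social networks, however enticing they are.
  • Report fake websites and emails (for Facebook, send phishing reports to phish@fb.com).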

 


Microsoft Patch Tuesday – June 2013

Hello, welcome to this month’s blog on the Microsoft patch release. This month the vendor is releasing five bulletins covering a total of 23 vulnerabilities. Nineteen of this month’s issues are rated ’Critical’.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft’s summary of the June releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms13-Jun

The following is a breakdown of the issues being addressed this month:

  1. MS13-047 Cumulative Security Update for Internet Explorer (2838727)

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3110) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3111) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3112) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3113) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3114) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3116) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3117) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3118) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3119) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3120) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3121) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3122) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3123) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Use After Free Vulnerability (CVE-2013-3124) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Use After Free Vulnerability (CVE-2013-3125) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Script Debug Vulnerability (CVE-2013-3126) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly processes script while debugging a webpage. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3139) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3141) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3142) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

  2. MS13-048 Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229)

    Kernel Information Disclosure Vulnerability (CVE-2013-3136) MS Rating: Important

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could disclose information from kernel addresses.

  3. MS13-049 Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (2845690)

    TCP/IP Integer Overflow Vulnerability (CVE-2013-3138) MS Rating: Important

    A denial of service vulnerability exists in the way that the Windows TCP/IP driver improperly handles packets during a TCP connection. An attacker who successfully exploited this vulnerability could cause the target system to stop responding.

  4. MS13-050 Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege (2839894)

    Print Spooler Vulnerability (CVE-2013-1339) MS Rating: Important

    An elevation of privilege vulnerability exists in the way that Microsoft Windows Print Spooler handles memory when a printer is deleted.

  5. MS13-051 Vulnerability in Microsoft Office Could Allow Remote Code Execution (2839571)

    Office Buffer Overflow Vulnerability (CVE-2013-1331) MS Rating: Important

    A remote code execution vulnerability exists in the way that Microsoft Office parses specially crafted Office files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

More information on the vulnerabilities being addressed this month is available at Symantec’s free SecurityFocus portal and to our customers through the DeepSight Threat Management System.

Linux Kernel Exploit Ported to Android

Malware authors are notorious for quickly leveraging new exploits in the public domain for nefarious purposes. The recent discovery of a Linux Kernel CVE-2013-2094 Local Privilege Escalation Vulnerability (CVE-2013-2094) in the Performance Counters for…

Hard Lesson: Your ‘Friends’ Might Hack You Too

We sure didn’t see this one coming. Turns out, our teenage son’s password (and our bank account) recently got hacked—by a friend. Seems the theft was pretty simple to pull off. The culprit—a frequent visitor to our home—simply looked over my son’s shoulder as he typed in his iTunes password. Then, for the next six…

Smart Perimeter – A Security Fence For Your Digital Devices

Everyone has experienced that gut-wrenching feeling when you look around and realize that one of your prized possessions is missing. Whether it’s your wallet, keys, or smartphone, that feeling of panic and loss is devastating. In today’s digitally connected world that feeling has become incredibly too common. In a recent Digital Assets survey, McAfee discovered…

Android users beware: Obad.a is out there

Your smartphone knows everything about you but is your information safe? From banking to global positioning system (GPS), there are many reasons to protect the personal data on your mobile device. Hackers are targeting the Android operating system and there are steps you should be taking to protect yourself. Malware is a generic term used…

Browser Toolbars – almost malware?


by Thomas Salomon, head of AVAST Software’s German Software Development team

In a previous blog post we wrote about the statistics from avast! Browser Cleanup. These statistics have become even worse:

  • More than 1,000,000 (one million!) browser add-ons are available for the three main browsers
  • More than 82% of all add-ons have a bad […]

Microsoft Security Advisory (2854544): Update to Improve Cryptography and Digital Certificate Handling in Windows – Version: 1.0

Revision Note: V1.0 (June 11, 2013): Advisory published.
Summary: Microsoft is announcing the availability of an update as part of ongoing efforts to improve cryptography and digital certificate handling in Windows. Over the co…
