January 2013 - Microsoft Releases 7 Security Advisories
Severity: HIGH
Advisory Date: JAN 08, 2013
DESCRIPTION
Microsoft addresses the following vulnerabilities in its January batch of patches:
- (MS13-001) Vulnerability in Windows Print Spooler Components Could Allow Remote Code Execution (2769369)
Risk Rating: Critical
This patch addresses a vulnerability found in Microsoft Windows, which could allow remote code execution when successfully exploited. Read more here. - (MS13-002) Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (2756145)
Risk Rating: Critical
This patch addresses vulnerabilities found in Microsoft XML Core Services, which can result to remote code execution once successfully exploited. Read more here. - (MS13-003) Vulnerabilities in System Center Operations Manager Could Allow Elevation of Privilege (2748552)
Risk Rating: Important
This patch addresses vulnerabilities found in Microsoft System Center Operations Manager. Read more here. - (MS13-004) Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2769324)
Risk Rating: Important
This patch addresses vulnerabilities in the .NET Framework, which when exploited successfully can gain remote attackers the same user rights as the logged on user. Read more here. - (MS13-005) Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2778930)
Risk Rating: Important
This patch addresses vulnerability in Microsoft Windows which can allow elevation of privilege once remote attacker executes a specially crafted application. Read more here. - (MS13-006) Vulnerability in Microsoft Windows Could Allow Security Feature Bypass (2785220)
Risk Rating: Important
This patch addresses a vulnerability in the implementation of SSL and TLS found in Microsoft Windows. When successfully exploited via a remote attacker intercepting Web traffic handshakes, it can allow security feature bypass. Read more here. - (MS13-007) Vulnerability in Open Data Protocol Could Allow Denial of Service (2769327)
Risk Rating: Important
This patch addresses a vulnerability in the Open Data (OData) protocol, which when exploited can allow denial of service (DOS). Read more here.
TREND MICRO PROTECTION INFORMATION
Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.
| MS Bulletin ID | Vulnerability ID | DPI Rule Number | DPI Rule Name | Release Date | IDF Compatibility |
| MS13-002 | CVE-2013-0006 | 1005323 | Identified Suspicious Download of XML File Over HTTP | 08-Jan-13 | YES |
| CVE-2013-0007 | 1005322 | Microsoft Internet Explorer MSXML XSLT Vulnerability (CVE-2013-0007) | 08-Jan-13 | YES | |
| MS13-003 | CVE-2013-0009 | 1000522 | Generic Cross Site Scripting (XSS) Prevention | 18-Jul-06 | NO |
| CVE-2013-0010 | 1000522 | Generic Cross Site Scripting (XSS) Prevention | 18-Jul-06 | NO | |
| MS13-004 | CVE-2013-0003 | 1005013 | Identified Suspicious Upload of Microsoft .NET Executable | 12-Jun-12 | NO |
| MS13-006 | CVE-2013-0013 | 1005321 | Detected SSLv2 Server Traffic | 08-Jan-13 | YES |
| MS13-007 | CVE-2013-0005 | 1005320 | Microsoft Replace Denial of Service Vulnerability (CVE-2013-0005) | 08-Jan-13 | NO |