Severity: : High
  Advisory Date: 14 de maja de 2013

  DESCRIPTION

Microsoft addresses the following vulnerabilities in its May batch of patches:

  • (MS13-037) Cumulative Security Update for Internet Explorer (2829530)
    Risk Rating: Critical

    This patch addresses eleven vulnerabilities found in Internet Explorer, which may lead to malware execution. Users may encounter this attack when visiting specific webpage using Internet Explorer. Exploiting this vulnerability can also give attacker same access right as current user.Read more here.

  • (MS13-038) Security Update for Internet Explorer (2847204)
    Risk Rating: Critical

    This patch addresses one publicly disclosed vulnerability in Internet Explorer that may lead to remote code execution. Users may encounter this by visiting compromised webpage. Read more here.

  • (MS13-039) Vulnerability in HTTP.sys Could Allow Denial of Service (2829254)
    Risk Rating: Important

    This patch addresses a security flaw found in Microsoft Windows. When exploited, this could lead to denial of service (DoS) attack. Read more here.

  • (MS13-040) Vulnerabilities in .NET Framework Could Allow Spoofing (2836440)
    Risk Rating: Important

    This patch addresses two vulnerabilities in the .NET framework that may lead to spoofing once a .NET application receives a malicious XML file. Once exploit is successful, attacker could modify the content of .XML file and gain endpoint functions. Read more here.

  • (MS13-041) Vulnerability in Lync Could Allow Remote Code Execution (2834695)
    Risk Rating: Important

    This patch addresses a vulnerability in Microsoft Lync that may allow an attacker to execute a malware. For attack to be successful, attacker must make a user accpet a Lync or Communicator invitation then share a malicious file or program disguised as a presentation in Lync of Communicator. Read more here.

  • (MS13-042) Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2830397)
    Risk Rating: Important

    This patch addresses eleven vulnerabilities in Microsoft Office that could lead to users executing a malware. Users may encounter this via malware disguised as Publisher file and opening it using vulnerable Microsoft Publisher. Once done, attacker gains same user rights as the current user. Read more here.

  • (MS13-043) Vulnerability in Microsoft Word Could Allow Remote Code Execution (2830399)
    Risk Rating: Important

    This patch addresses a vulnerability in Microsoft Office that could allow remote code execution once user opens a malware disguised as an email message. Once successful, users can gain the same access rights as current user. Read more here.

  • (MS13-044) Vulnerability in Microsoft Word Could Allow Remote Code Execution (2830399)
    Risk Rating: Important

    This patch addresses a vulnerability in Microsoft Office that may lead to unwanted information disclosure by opening a specifically crafted Visio file. Read more here.

  • (MS13-045) Vulnerability in Windows Essentials Could Allow Information Disclosure (2813707)
    Risk Rating: Important

    This patch addresses a vulnerability . Read more here.

  • (MS13-046) Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege (2840221)
    Risk Rating: Important

    This patch addresses a vulnerability in Microsoft Windows that may lead to an attacker gaining elevation of privilege. To do this, an attacker must have valid logon credentials before exploiting this vulnerability locally. Read more here.

  INFORMATION EXPOSURE

Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.

MS Bulletin ID Vulnerability ID DPI Rule Number DPI Rule Name Release Date IDF Compatibility
MS13-037 CVE-2013-1297 1005499 Microsoft Internet Explorer JSON Array Information Disclosure Vulnerability 14-May-13 YES
MS13-037 CVE-2013-1307 1005501 Internet Explorer Use After Free Vulnerability 14-May-13 YES
MS13-037 CVE-2013-1308 1005502 Internet Explorer Use After Free Vulnerability (CVE-2013-1308) 14-May-13 YES
MS13-037 CVE-2013-1309 1005503 Microsoft Internet Explorer Use After Free Vulnerability (CVE-2013-1309) 14-MaY-13 YES
MS13-037 CVE-2013-1310 1005504 Internet Explorer Use After Free Vulnerability (CVE-2013-1310) 14-May-13 YES
MS13-037 CVE-2013-1311 1005505 Internet Explorer Use After Free Vulnerability (CVE-2013-1311) 12-Mar-13 YES
MS13-037 CVE-2013-1312 1005506 Microsoft Internet Explorer Use After Free Vulnerability (CVE-2013-1312) 14-MaY-13 YES
MS13-037 CVE-2013-2551 1005510 Microsoft Internet Explorer Use After Free Vulnerability (CVE-2013-2551) 14-May-13 YES
MS13-038 CVE-2013-1347 1005491 Microsoft Internet Explorer Use-After-Free Remote Code Execution Vulnerability (CVE-2013-1347) 14-May-13 YES
MS13-039 CVE-2013-1305 1005507 HTTP.sys Denial Of Service Vulnerability (CVE-2013-1305) 14-May-13 NO
MS13-040 CVE-2013-1336 1005508 XML Digital Signature Spoofing Vulnerability (CVE-2013-1336) 14-MaY-13 YES
MS13-044 CVE-2013-1301 10005498 XML External Entities Resolution Vulnerability (CVE-2013-1301) 14-May-13 YES