Severity: : High
  Advisory Date: 08 de stycznia de 2013

  DESCRIPTION

Microsoft addresses the following vulnerabilities in its January batch of patches:

  • (MS13-001) Vulnerability in Windows Print Spooler Components Could Allow Remote Code Execution (2769369)
    Risk Rating: Critical

    This patch addresses a vulnerability found in Microsoft Windows, which could allow remote code execution when successfully exploited. Read more here.


  • (MS13-002) Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (2756145)
    Risk Rating: Critical

    This patch addresses vulnerabilities found in Microsoft XML Core Services, which can result to remote code execution once successfully exploited. Read more here.


  • (MS13-003) Vulnerabilities in System Center Operations Manager Could Allow Elevation of Privilege (2748552)
    Risk Rating: Important

    This patch addresses vulnerabilities found in Microsoft System Center Operations Manager. Read more here.


  • (MS13-004) Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2769324)
    Risk Rating: Important

    This patch addresses vulnerabilities in the .NET Framework, which when exploited successfully can gain remote attackers the same user rights as the logged on user. Read more here.


  • (MS13-005) Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2778930)
    Risk Rating: Important

    This patch addresses vulnerability in Microsoft Windows which can allow elevation of privilege once remote attacker executes a specially crafted application. Read more here.


  • (MS13-006) Vulnerability in Microsoft Windows Could Allow Security Feature Bypass (2785220)
    Risk Rating: Important

    This patch addresses a vulnerability in the implementation of SSL and TLS found in Microsoft Windows. When successfully exploited via a remote attacker intercepting Web traffic handshakes, it can allow security feature bypass. Read more here.


  • (MS13-007) Vulnerability in Open Data Protocol Could Allow Denial of Service (2769327)
    Risk Rating: Important

    This patch addresses a vulnerability in the Open Data (OData) protocol, which when exploited can allow denial of service (DOS). Read more here.


  INFORMATION EXPOSURE

Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.

MS Bulletin ID Vulnerability ID DPI Rule Number DPI Rule Name Release Date IDF Compatibility
MS13-002 CVE-2013-0006 1005323 Identified Suspicious Download of XML File Over HTTP 08-Jan-13 YES
CVE-2013-0007 1005322 Microsoft Internet Explorer MSXML XSLT Vulnerability (CVE-2013-0007) 08-Jan-13 YES
MS13-003 CVE-2013-0009 1000522 Generic Cross Site Scripting (XSS) Prevention 18-Jul-06 NO
CVE-2013-0010 1000522 Generic Cross Site Scripting (XSS) Prevention 18-Jul-06 NO
MS13-004 CVE-2013-0003 1005013 Identified Suspicious Upload of Microsoft .NET Executable 12-Jun-12 NO
MS13-006 CVE-2013-0013 1005321 Detected SSLv2 Server Traffic 08-Jan-13 YES
MS13-007 CVE-2013-0005 1005320 Microsoft Replace Denial of Service Vulnerability (CVE-2013-0005) 08-Jan-13 NO