March 2013 Patch Tuesday: Cleaning House

March 12, 2013

Patch Tuesday is upon us and this month, Microsoft is doing a little spring cleaning of vulnerabilities, fixing a well-rounded collection of client-side vulnerabilities, along with a few server-side vulnerabilities for good measure. This month, the affected software includes Internet Explorer, Silverlight, Visio Viewer, SharePoint, OneNote, Outlook for Mac, and a Windows kernel-mode driver. In total, there are 20 vulnerabilities addressed by seven bulletins, four of which are rated critical.

Boldly leading the charge of bulletins is Internet Explorer in MS13-021, with a whopping nine vulnerabilities, all of which are use-after-free vulnerabilities. This bulletin alone accounts for almost half of the vulnerabilities addressed this month. Every supported version of Internet Explorer (6 through 10) is affected, which implicitly makes every supported Windows platform (including Windows RT) a target for attackers. Of the nine CVEs addressed, seven affect every supported version of Internet Explorer, so attackers have many choices when selecting a vulnerability to exploit in the near future. It should be noted that one of the nine vulnerabilities was publicly disclosed, but it only affects Internet Explorer 8. Additionally, it does not appear that the Internet Explorer 10 vulnerabilities exploited by VUPEN at Pwn2Own have been addressed in this patch, but we do anticipate seeing them addressed next month.

There are a couple of other critical client-side vulnerabilities this month: remote code execution vulnerabilities in Silverlight 5 (MS13-022) and Visio Viewer 2010 (MS13-023). The Silverlight bug could be exploited via a drive-by web page hosting a malicious Silverlight application, where the attacker convinces users to view the malicious page through some form of social engineering, such as phishing or watering hole attacks. The Visio Viewer vulnerability would similarly be exploited by convincing users to open seemingly legitimate email attachments, which has proven to be an effective tactic for attackers.

Additionally, Microsoft is patching a few vulnerabilities within SharePoint Server and SharePoint Foundation, addressed in MS13-024. These include three elevation of privilege vulnerabilities and a denial of service vulnerability. The elevation of privilege vulnerabilities could allow an attacker to execute actions as if they were a user logged onto the SharePoint site. The denial of service vulnerability would cause the entire SharePoint site to crash, requiring a manual restart. Needless to say, this bulletin patches some very disruptive vulnerabilities.

Finishing up the application vulnerabilities for this month are patches for OneNote 2010 (MS13-025) and Office 2008/2011 for Mac (MS13-026). Both of these bulletins address information disclosure vulnerabilities. The OneNote vulnerability allows an attacker to disclose information not normally available to the attacker, such as usernames and passwords. The Office for Mac vulnerability specifically affects the Outlook for Mac component, allowing attackers to load remote content when an HTML email message is viewed by users. This could be used by attackers to load a secondary exploit targeting a second vulnerability to compromise the victim's system.

Lastly, MS13-027 addresses multiple vulnerabilities within Windows kernel-mode drivers, specifically within certain USB drivers. These vulnerabilities could be exploited by attackers to gain the ability to execute code in the kernel, but the attacker must be physically at the computer and able to insert a USB device into the vulnerable machine. That means this is not the normal type of second-stage vulnerability that would be exploited to gain a deeper foothold on a system; instead, it will only be exploited in very limited and targeted attacks.

And that wraps up this month's Patch Tuesday overview. Make sure to get the critical patches (MS13-021, MS13-022, MS13-023, and MS13-024) rolled out as soon as possible, followed by the rest of the patches. Also, be sure not to miss the Vulnerability Expert Forum tomorrow, Wednesday, March 13 at 1pm PT, where we cover these patches, as well as other security news. Sign up here.
Scott Lang, Sr. Director, Product Marketing at BeyondTrust

Scott Lang has nearly 20 years of experience in technology product marketing, currently guiding the product marketing strategy for BeyondTrust’s privileged account management solutions and vulnerability management solutions. Prior to joining BeyondTrust, Scott was director of security solution marketing at Dell, formerly Quest Software, where he was responsible for global security campaigns, product marketing for identity and access management and Windows server management.