
Microsoft Releases Massive Patch for 57 Vulnerabilities

February's Microsoft Security Update arrived today with a larger-than-usual 12 bulletins -- five rated "critical" and seven "important."

The large monthly patch, which covers 57 vulnerabilities, is highlighted by a security bulletin for Internet Explorer (MS13-009). This cumulative Internet Explorer fix addresses 12 vulnerabilities that could lead to remote code execution (RCE) attacks if a user clicked on a malicious Web page.

However, that's not the only item that addresses Microsoft's Internet browser for the month. Bulletin MS13-010 targets a flaw in M Security experts typically recommend that users prioritize any Internet Explorer fixes first in the patch cycle. Adding to that advice, Wolfgang Kandek, CTO of Qualys Inc., said that bulletin MS13-010 should be updated as soon as possible.

"It is rated critical and quite urgent to fix because the vulnerability is being exploited in the wild," said Kandek. "The bug is in the VML (Vector Markup Language) DLL, the ActiveX control for the largely unused XML-based standard format for two-dimensional Vector graphics. VML has been patched twice before in 2007 and 2011 and it would probably be safest to delete it altogether, but there does not seem to be a way to do this short of disabling all ActiveX processing. Both IE updates, core and VML, should be installed as quickly as possible."

Once the two Internet Explorer items have been updated, Microsoft recommends that IT shops with Windows XP deployed should turn their attention to security bulletin MS13-020 -- a fix for a vulnerability in Microsoft Windows Object Linking and Embedding (OLE) Automation.

Bulletin MS13-011, the second-to-last critical item for February, addresses a publicly disclosed hole in Windows XP, Vista, Windows Server 2003 and Windows Server 2008. "The most severe vulnerability is in Microsoft Exchange Server WebReady Document Viewing, and could allow remote code execution in the security context of the transcoding service on the Exchange server if a user previews a specially crafted file using Outlook Web App (OWA)," according to Microsoft.

The final critical item, bulletin MS13-012, also concerns the threat of attack by specially crafted OWA files, with the hole lying in Microsoft's Exchange server.

After these five bulletins have been successfully installed, the final seven important fixes should be deployed based on the use of the affected software. Information on these items can be found in the Microsoft Security Bulletin Summary.

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.
