[THIN] Fwd: Microsoft Security Bulletin Summary for April 2013
- From: Jim Kenzig <jkenzig@xxxxxxxxx>
- To: THIN <thin@xxxxxxxxxxxxx>
- Date: Tue, 9 Apr 2013 13:49:04 -0400
Heads up folks big update coming, rep affected.
Jim Kenzig
http://www.kenzig.com
Begin forwarded message:
> From: "Microsoft" <securitynotifications@xxxxxxxxxxxxxxxxxxxx>
> Date: April 9, 2013
> Subject: Microsoft Security Bulletin Summary for April 2013
> Reply-To: "Microsoft"
> <reply-fe8e1674776d0c7c72-887404_TEXT-327867193-188147-191@xxxxxxxxxxxxxxxxxxxxxxxx>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> ********************************************************************
> Microsoft Security Bulletin Summary for April 2013
> Issued: April 9, 2013
> ********************************************************************
>
> This bulletin summary lists security bulletins released for
> April 2013.
>
> The full version of the Microsoft Security Bulletin Summary for
> April 2013 can be found at
> http://technet.microsoft.com/security/bulletin/ms13-apr.
>
> With the release of the bulletins for April 2013, this bulletin
> summary replaces the bulletin advance notification originally issued
> on April 4, 2013. For more information about the bulletin
> advance notification service, see
> http://technet.microsoft.com/security/bulletin/advance.
>
> To receive automatic notifications whenever Microsoft Security
> Bulletins are issued, subscribe to Microsoft Technical Security
> Notifications at
> http://technet.microsoft.com/security/dd252948.
>
> Microsoft is hosting a webcast to address customer questions on
> these bulletins on April 10, 2013, at 11:00 AM Pacific Time
> (US & Canada). Register for the Security Bulletin Webcast at
> http://technet.microsoft.com/security/bulletin.
>
> Microsoft also provides information to help customers prioritize
> monthly security updates with any non-security, high-priority
> updates that are being released on the same day as the monthly
> security updates. Please see the section, Other Information.
>
>
> Critical Security Bulletins
> ============================
>
> MS13-028
>
> - Affected Software:
> - Windows XP Service Pack 3
> - Internet Explorer 6
> - Internet Explorer 7
> - Internet Explorer 8
> - Windows XP Professional x64 Edition Service Pack 2
> - Internet Explorer 6
> - Internet Explorer 7
> - Internet Explorer 8
> - Windows Server 2003 Service Pack 2
> - Internet Explorer 6
> - Internet Explorer 7
> - Internet Explorer 8
> - Windows Server 2003 x64 Edition Service Pack 2
> - Internet Explorer 6
> - Internet Explorer 7
> - Internet Explorer 8
> - Windows Server 2003 with SP2 for Itanium-based Systems
> - Internet Explorer 6
> - Internet Explorer 7
> - Windows Vista Service Pack 2:
> - Internet Explorer 7
> - Internet Explorer 8
> - Internet Explorer 9
> - Windows Vista x64 Edition Service Pack 2:
> - Internet Explorer 7
> - Internet Explorer 8
> - Internet Explorer 9
> - Windows Server 2008 for 32-bit Systems Service Pack 2:
> - Internet Explorer 7
> - Internet Explorer 8
> - Internet Explorer 9
> (Windows Server 2008 Server Core installation not affected)
> - Windows Server 2008 for x64-based Systems Service Pack 2:
> - Internet Explorer 7
> - Internet Explorer 8
> - Internet Explorer 9
> (Windows Server 2008 Server Core installation not affected)
> - Windows Server 2008 for Itanium-based Systems Service Pack 2
> - Internet Explorer 7
> - Windows 7 for 32-bit Systems:
> - Internet Explorer 8
> - Internet Explorer 9
> - Windows 7 for 32-bit Systems Service Pack 1:
> - Internet Explorer 8
> - Internet Explorer 9
> - Internet Explorer 10
> - Windows 7 for x64-based Systems:
> - Internet Explorer 8
> - Internet Explorer 9
> - Windows 7 for x64-based Systems Service Pack 1:
> - Internet Explorer 8
> - Internet Explorer 9
> - Internet Explorer 10
> - Windows Server 2008 R2 for x64-based Systems:
> - Internet Explorer 8
> - Internet Explorer 9
> (Windows Server 2008 R2 Server Core installation
> not affected)
> - Windows Server 2008 R2 for x64-based Systems
> Service Pack 1:
> - Internet Explorer 8
> - Internet Explorer 9
> - Internet Explorer 10
> (Windows Server 2008 R2 Server Core installation
> not affected)
> - Windows Server 2008 R2 for Itanium-based Systems and
> Windows Server 2008 R2 for Itanium-based Systems Service
> Pack 1
> - Internet Explorer 8
> - Windows 8 for 32-bit Systems
> - Internet Explorer 10
> - Windows 8 for 64-bit Systems
> - Internet Explorer 10
> - Windows Server 2012
> - Internet Explorer 10
> (Windows Server 2012 Server Core installation not affected)
> - Windows RT
> - Internet Explorer 10
> - Impact: Remote Code Execution
> - Version Number: 1.0
>
> MS13-029
>
> - Affected Software:
> - Windows XP Service Pack 3
> - Remote Desktop Connection 6.1 Client
> - Remote Desktop Connection 7.0 Client
> - Windows XP Professional x64 Edition Service Pack 2
> - Remote Desktop Connection 6.1 Client
> - Windows Server 2003 Service Pack 2
> - Remote Desktop Connection 6.1 Client
> - Windows Server 2003 x64 Edition Service Pack 2
> - Remote Desktop Connection 6.1 Client
> - Windows Vista Service Pack 2
> - Remote Desktop Connection 6.1 Client
> - Remote Desktop Connection 7.0 Client
> - Windows Vista x64 Edition Service Pack 2
> - Remote Desktop Connection 6.1 Client
> - Remote Desktop Connection 7.0 Client
> - Windows Server 2008 for 32-bit Systems Service Pack 2
> - Remote Desktop Connection 6.1 Client
> (Windows Server 2008 Server Core installation not affected)
> - Windows Server 2008 for x64-based Systems Service Pack 2
> - Remote Desktop Connection 6.1 Client
> (Windows Server 2008 Server Core installation not affected)
> - Windows Server 2008 for Itanium-based Systems Service Pack 2
> - Remote Desktop Connection 6.1 Client
> - Windows 7 for 32-bit Systems and
> Windows 7 for 32-bit Systems Service Pack 1
> - Remote Desktop Connection 7.0 Client
> - Windows 7 for x64-based Systems and
> Windows 7 for x64-based Systems Service Pack 1
> - Remote Desktop Connection 7.0 Client
> - Windows Server 2008 R2 for x64-based Systems and
> Windows Server 2008 R2 for x64-based Systems Service Pack 1
> - Remote Desktop Connection 7.0 Client
> (Windows Server 2008 R2 Server Core installation not affected)
> - Windows Server 2008 R2 for Itanium-based Systems and
> Windows Server 2008 R2 for Itanium-based Systems Service
> Pack 1
> - Remote Desktop Connection 7.0 Client
> - Impact: Remote Code Execution
> - Version Number: 1.0
>
>
> Important Security Bulletins
> ============================
>
> MS13-030
>
> - Affected Software:
> - Microsoft SharePoint Server 2013
> - Impact: Information Disclosure
> - Version Number: 1.0
>
> MS13-031
>
> - Affected Software:
> - Windows XP Service Pack 3
> - Windows XP Professional x64 Edition Service Pack 2
> - Windows Server 2003 Service Pack 2
> - Windows Server 2003 x64 Edition Service Pack 2
> - Windows Server 2003 with SP2 for Itanium-based Systems
> - Windows Vista Service Pack 2
> - Windows Vista x64 Edition Service Pack 2
> - Windows Server 2008 for 32-bit Systems Service Pack 2
> (Windows Server 2008 Server Core installation affected)
> - Windows Server 2008 for x64-based Systems Service Pack 2
> (Windows Server 2008 Server Core installation affected)
> - Windows Server 2008 for Itanium-based Systems Service Pack 2
> - Windows 7 for 32-bit Systems and
> Windows 7 for 32-bit Systems Service Pack 1
> - Windows 7 for x64-based Systems and
> Windows 7 for x64-based Systems Service Pack 1
> - Windows Server 2008 R2 for x64-based Systems and
> Windows Server 2008 R2 for x64-based Systems Service Pack 1
> (Windows Server 2008 R2 Server Core installation affected)
> - Windows Server 2008 R2 for Itanium-based Systems and
> Windows Server 2008 R2 for Itanium-based Systems Service
> Pack 1
> - Windows 8 for 32-bit Systems
> - Windows 8 for 64-bit Systems
> - Windows Server 2012
> (Windows Server 2012 Server Core installation affected)
> - Windows RT
> - Impact: Elevation of Privilege
> - Version Number: 1.0
>
> MS13-032
>
> - Affected Software:
> - Windows XP Service Pack 3
> - Active Directory Application Mode (ADAM)
> - Windows XP Professional x64 Edition Service Pack 2
> - Active Directory Application Mode (ADAM)
> - Windows Server 2003 Service Pack 2
> - Active Directory
> - Active Directory Application Mode (ADAM)
> - Windows Server 2003 x64 Edition Service Pack 2
> - Active Directory
> - Active Directory Application Mode (ADAM)
> - Windows Server 2003 with SP2 for Itanium-based Systems
> - Active Directory
> - Windows Vista Service Pack 2
> - Active Directory Lightweight Directory Service (AD LDS)
> - Windows Vista x64 Edition Service Pack 2
> - Active Directory Lightweight Directory Service (AD LDS)
> - Windows Server 2008 for 32-bit Systems Service Pack 2
> - Active Directory Services
> - Active Directory Lightweight Directory Service (AD LDS)
> (Windows Server 2008 Server Core installation affected)
> - Windows Server 2008 for x64-based Systems Service Pack 2
> - Active Directory Services
> - Active Directory Lightweight Directory Service (AD LDS)
> (Windows Server 2008 Server Core installation affected)
> - Windows 7 for 32-bit Systems and
> Windows 7 for 32-bit Systems Service Pack 1
> - Active Directory Lightweight Directory Service (AD LDS)
> - Windows 7 for x64-based Systems and
> Windows 7 for x64-based Systems Service Pack 1
> - Active Directory Lightweight Directory Service (AD LDS)
> - Windows Server 2008 R2 for x64-based Systems and
> Windows Server 2008 R2 for x64-based Systems Service Pack 1
> - Active Directory Services
> - Active Directory Lightweight Directory Service (AD LDS)
> (Windows Server 2008 R2 Server Core installation affected)
> - Windows 8 for 32-bit Systems
> - Active Directory Lightweight Directory Service (AD LDS)
> - Windows 8 for 64-bit Systems
> - Active Directory Lightweight Directory Service (AD LDS)
> - Windows Server 2012
> - Active Directory Services
> (Windows Server 2012 Server Core installation affected)
> - Impact: Denial of Service
> - Version Number: 1.0
>
> MS13-033
>
> - Affected Software:
> - Windows XP Service Pack 3
> - Windows XP Professional x64 Edition Service Pack 2
> - Windows Server 2003 Service Pack 2
> - Windows Server 2003 x64 Edition Service Pack 2
> - Windows Server 2003 with SP2 for Itanium-based Systems
> - Windows Vista Service Pack 2
> - Windows Vista x64 Edition Service Pack 2
> - Windows Server 2008 for 32-bit Systems Service Pack 2
> (Windows Server 2008 Server Core installation affected)
> - Windows Server 2008 for x64-based Systems Service Pack 2
> (Windows Server 2008 Server Core installation affected)
> - Windows Server 2008 for Itanium-based Systems Service Pack 2
> - Impact: Elevation of Privilege
> - Version Number: 1.0
>
> MS13-034
>
> - Affected Software:
> - Windows Defender for Windows 8 and Windows RT
> - Impact: Elevation of Privilege
> - Version Number: 1.0
>
> MS13-035
>
> - Affected Software:
> - Microsoft InfoPath 2010 Service Pack 1 (32-bit editions)
> - Microsoft InfoPath 2010 Service Pack 1 (64-bit editions)
> - Microsoft SharePoint Server 2010 Service Pack 1
> - Microsoft Groove Server 2010 Service Pack 1
> - Microsoft SharePoint Foundation 2010 Service Pack 1
> - Microsoft Office Web Apps 2010 Service Pack 1
> - Impact: Elevation of Privilege
> - Version Number: 1.0
>
> MS13-036
>
> - Affected Software:
> - Windows XP Service Pack 3
> - Windows XP Professional x64 Edition Service Pack 2
> - Windows Server 2003 Service Pack 2
> - Windows Server 2003 x64 Edition Service Pack 2
> - Windows Server 2003 with SP2 for Itanium-based Systems
> - Windows Vista Service Pack 2
> - Windows Vista x64 Edition Service Pack 2
> - Windows Server 2008 for 32-bit Systems Service Pack 2
> (Windows Server 2008 Server Core installation affected)
> - Windows Server 2008 for x64-based Systems Service Pack 2
> (Windows Server 2008 Server Core installation affected)
> - Windows Server 2008 for Itanium-based Systems Service Pack 2
> - Windows 7 for 32-bit Systems and
> Windows 7 for 32-bit Systems Service Pack 1
> - Windows 7 for x64-based Systems and
> Windows 7 for x64-based Systems Service Pack 1
> - Windows Server 2008 R2 for x64-based Systems and
> Windows Server 2008 R2 for x64-based Systems Service Pack 1
> (Windows Server 2008 R2 Server Core installation affected)
> - Windows Server 2008 R2 for Itanium-based Systems and
> Windows Server 2008 R2 for Itanium-based Systems Service
> Pack 1
> - Windows 8 for 32-bit Systems
> - Windows 8 for 64-bit Systems
> - Windows Server 2012
> (Windows Server 2012 Server Core installation affected)
> - Windows RT
> - Impact: Elevation of Privilege
> - Version Number: 1.0
>
>
> Other Information
> =================
>
> Follow us on Twitter for the latest information and updates:
> http://twitter.com/msftsecresponse
>
> Microsoft Windows Malicious Software Removal Tool:
> ==================================================
> Microsoft has released an updated version of the Microsoft Windows
> Malicious Software Removal Tool on Windows Update, Microsoft Update,
> Windows Server Update Services, and the Download Center.
>
> Non-Security Updates on MU, WU, and WSUS:
> ========================================================
> For information about non-security releases on Windows Update and
> Microsoft Update, please see:
> * http://support.microsoft.com/kb/894199: Microsoft Knowledge Base
> Article 894199, Description of Software Update Services and
> Windows Server Update Services changes in content.
> Includes all Windows content.
> * http://technet.microsoft.com/wsus/bb456965: Updates
> from Past Months for Windows Server Update Services. Displays all
> new, revised, and rereleased updates for Microsoft products other
> than Microsoft Windows.
>
> Microsoft Active Protections Program (MAPP)
> ===========================================
> To improve security protections for customers, Microsoft provides
> vulnerability information to major security software providers in
> advance of each monthly security update release. Security software
> providers can then use this vulnerability information to provide
> updated protections to customers via their security software or
> devices, such as antivirus, network-based intrusion detection
> systems, or host-based intrusion prevention systems. To determine
> whether active protections are available from security software
> providers, please visit the active protections websites provided by
> program partners, listed at
> http://www.microsoft.com/security/msrc/collaboration/mapp.aspx.
>
> Recognize and avoid fraudulent email to Microsoft customers:
> =============================================================
> If you receive an email message that claims to be distributing
> a Microsoft security update, it is a hoax that may contain
> malware or pointers to malicious websites. Microsoft does
> not distribute security updates via email.
>
> The Microsoft Security Response Center (MSRC) uses PGP to digitally
> sign all security notifications. However, PGP is not required for
> reading security notifications, reading security bulletins, or
> installing security updates. You can obtain the MSRC public PGP key
> at
> https://technet.microsoft.com/security/bulletin/pgp.
>
> To receive automatic notifications whenever Microsoft Security
> Bulletins are issued, subscribe to Microsoft Technical Security
> Notifications on
> http://technet.microsoft.com/security/dd252948.
>
> ********************************************************************
> THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
> PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
> DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
> THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
> PURPOSE.
> IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
> LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
> INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
> DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
> ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
> SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
> FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
> LIMITATION MAY NOT APPLY.
> ********************************************************************
> To manage or cancel your subscription to this newsletter,
> visit the Microsoft.com Profile Center at
> <http://go.microsoft.com/fwlink/?LinkId=245953> and then
> click Manage Communications under My Subscriptions in the
> Quicklinks section.
>
> For more information, see the Communications Preferences section
> of the Microsoft Online Privacy Statement at:
> <http://go.microsoft.com/fwlink/?LinkId=92781>.
>
> For the complete Microsoft Online Privacy Statement, see:
> <http://go.microsoft.com/fwlink/?LinkId=81184>.
>
> For legal Information, see:
> <http://www.microsoft.com/info/legalinfo/default.mspx>.
>
> This newsletter was sent by:
> Microsoft Corporation
> 1 Microsoft Way
> Redmond, Washington, USA
> 98052
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 10.2.0 (Build 1950)
> Charset: utf-8
>
> wsFVAwUBUWNVWRWqSyu+jsPhAQiYyxAAmz6CDxwGuWZfo+8IDqLkW0cHV9tcqqoE
> LCBdKMLvTG7NCbsVJhm/3z9cv268cD5kq2XlejTzibbIUb5H/7NwUQWchgIP2wP4
> LBYrT1yUASeEGaLhyVB2FFHW56IZLPY5cMU8jxCgLo8JYGb0x1M0qJOLwg6YUp1Y
> wLw6UnsMTJYhfffFYG2hX7DiCKogHRWCe2PIJ/5y79qfGddUzi8vefzl8dx8zoy3
> Wlc1YPEJDRIvwCTZyZOmfVhMv/13coIwPZtVTQY70RJzOzsRzTcOEuvyly80NdhJ
> tEtunDKztAp0VAzVeS6zDqo0AA4JXtBN++0KGpR14GKJguDSqA0ZJi7NT7+KG27E
> 0xHoy7RcUIktwXOtwSsQ9rfpLN2BNdVRi8FLo1LvSaqG5hVQ2kG8rUT+5OjMk+Tx
> ZSdYBAgT+x9cojQmz42Mw286NfeLsYorHTJ2h7ETEgci7ZBXaKLz7wZ97ro5H3IZ
> E7Z1EXpv6SoGhC561U4ri3fDA6nQQF8pxa8vp+JK7umRU8SbiGbY6YDgwC7e6KtL
> Nl2gtYM8dCD1hAvjq/Hl8DIJUIbKLUd6RgiHVXw9XPiEW+JD41L37FaO3vDXI/Ju
> YEImSpAaRyjJBCNlgrw/5G2XyNF7Vtb5m+fN792ZG87JMLthNjt6v7OWRFXy/SVX
> 0PLg1lTxykU=
> =aGWS
> -----END PGP SIGNATURE-----
>
Other related posts:
- » [THIN] Fwd: Microsoft Security Bulletin Summary for April 2013 - Jim Kenzig
