Microsoft Security Bulletin Coverage (Apr 9, 2013)

Dell SonicWALL has analysed and addressed Microsoft’s security advisories for the month of April, 2013. A list of issues reported, along with Dell SonicWALL coverage information follows:

MS13-028 Cumulative Security Update for Internet Explorer (2817183)

• CVE-2013-1303 Internet Explorer Use After Free Vulnerability
  There are no known exploits in the wild.
• CVE-2013-1304 Internet Explorer Use After Free Vulnerability
  There are no known exploits in the wild.

MS13-029 Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2828223)

• CVE-2013-1296 RDP ActiveX Control Remote Code Execution Vulnerability
  IPS: 9810 “Microsoft RDP ActiveX AdvancedSettings Attribute Setting”
  IPS: 9811 “Microsoft RDP ActiveX TransportSettings Attribute Setting”

MS13-030 Vulnerability in SharePoint Could Allow Information Disclosure (2827663)

• CVE-2013-1290 Incorrect Access Rights Information Disclosure Vulnerability
  This is a configuration issue; attack is not distinguishable.

MS13-031 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2813170)

• CVE-2013-1284 Kernel Race Condition Vulnerability
  This is a local vulnerability. Detection of attack over the wire is not feasible.
• CVE-2013-1294 Kernel Race Condition Vulnerability
  This is a local vulnerability. Detection of attack over the wire is not feasible.

MS13-032 Vulnerability in Active Directory Could Lead to Denial of Service (2830914)

• CVE-2013-1282 Memory Consumption Vulnerability
  There are no known exploits in the wild.

MS13-033 Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege (2820917)

• CVE-2013-1295 CSRSS Memory Corruption Vulnerability
  This is a local vulnerability. Detection of attack over the wire is not feasible.

MS13-034 Vulnerability in Microsoft Antimalware Client Could Allow Elevation of Privilege (2823482)

• CVE-2013-0078 Microsoft Antimalware Improper Pathname Vulnerability
  This is a local vulnerability. Detection of attack over the wire is not feasible.

MS13-035 Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2821818)

• CVE-2013-1289 HTML Sanitization Vulnerability

IPS: 9817 “HTML Sanitization Vulnerability”

MS13-036 Vulnerabilities in Kernel-Mode Driver Could Allow Elevation Of Privilege (2829996)

• CVE-2013-1283 Win32k Race Condition Vulnerability
  This is a local vulnerability. Detection of attack over the wire is not feasible.
• CVE-2013-1291 OpenType Font Parsing Vulnerability
  There are no known exploits in the wild.
• CVE-2013-1292 Win32k Race Condition Vulnerability
  This is a local vulnerability. Detection of attack over the wire is not feasible.
• CVE-2013-1293 NTFS NULL Pointer Dereference Vulnerability
  This is a local vulnerability. Detection of attack over the wire is not feasible.

Security News

The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.