Security News

Microsoft Security Bulletin Coverage (Aug 13, 2013)

By

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of August, 2013. A list of issues reported, along with Dell SonicWALL coverage information follows:

MS13-059 Cumulative Security Update for Internet Explorer (2862772)

  • CVE-2013-3184 Internet Explorer Memory Corruption Vulnerability
    IPS: 6020 “Windows IE Use-After-Free Vulnerability (MS13-059) 3”
  • CVE-2013-3186 Internet Explorer Process Integrity Level Assignment Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-3187 Internet Explorer Memory Corruption Vulnerability
    IPS: 6023 “Windows IE Use-After-Free Vulnerability (MS13-059) 7”
  • CVE-2013-3188 Internet Explorer Memory Corruption Vulnerability
    IPS: 7026 “Windows IE Use-After-Free Vulnerability (MS13-059) 1”
  • CVE-2013-3189 Internet Explorer Memory Corruption Vulnerability
    IPS: 7027 “Windows IE Type Confusion Vulnerability (MS13-059)”
  • CVE-2013-3190 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-3191 Internet Explorer Memory Corruption Vulnerability
    IPS: 7029 “Windows IE Use-After-Free Vulnerability (MS13-059) 2”
  • CVE-2013-3192 EUC-JP Character Encoding Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-3193 Internet Explorer Memory Corruption Vulnerability
    IPS: 7060 “Windows IE Use-After-Free Vulnerability (MS13-059) 4”
  • CVE-2013-3194 Internet Explorer Memory Corruption Vulnerability
    IPS: 7061 “Windows IE Use-After-Free Vulnerability (MS13-059) 5”
  • CVE-2013-3199 Internet Explorer Memory Corruption Vulnerability
    IPS: 7062 “Windows IE Use-After-Free Vulnerability (MS13-059) 6”

MS13-060 Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution (2850869)

  • CVE-2013-3181 Uniscribe Font Parsing Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.

MS13-061 Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2876063)

  • CVE-2013-2393 Oracle Outside In Contains Multiple Exploitable Vulnerabilities
    There are no known exploits in the wild.
  • CVE-2013-3776 Oracle Outside In Contains Multiple Exploitable Vulnerabilities
    There are no known exploits in the wild.
  • CVE-2013-3781 Oracle Outside In Contains Multiple Exploitable Vulnerabilities
    There are no known exploits in the wild.

MS13-062 Vulnerability in Remote Procedure Call Could Allow Elevation of Privilege (2849470)

  • CVE-2013-3175 Remote Procedure Call Vulnerability
    Cannot reproduct the attack.

MS13-063 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2859537)

  • CVE-2013-2556 ASLR Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-3196 Windows Kernel Memory Corruption Vulnerability
    This is a local vulnerability. Detection of attack over the wire is not feasible.
  • CVE-2013-3197 Windows Kernel Memory Corruption Vulnerability
    This is a local vulnerability. Detection of attack over the wire is not feasible.
  • CVE-2013-3198 Windows Kernel Memory Corruption Vulnerability
    This is a local vulnerability. Detection of attack over the wire is not feasible.

MS13-064 Vulnerability in Windows NAT Driver Could Allow Denial of Service (2849568)

  • CVE-2013-3182 Windows NAT Denial of Service Vulnerability
    There are no known exploits in the wild.

MS13-065 Vulnerability in ICMPv6 could allow Denial of Service (2868623)

  • CVE-2013-3183 ICMPv6 Vulnerability
    There are no known exploits in the wild.

MS13-066 Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (2873872)

  • CVE-2013-3185 AD FS Information Disclosure Vulnerability
    There are no known exploits in the wild.
Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.
Recommended Cyber Security Stories
FakeRansom: Deletes files then demands payment for nothing (Jul 15th, 2016)
GD Library Buffer Overflow (May 19, 2016)
Wave of Zortob Backdoor Trojan discovered in the wild (Oct 18, 2013)
Bot with possible Chinese origins and Taliban lure (July 27, 2012)
HPE Intelligent Management Center arbitrary file upload vulnerability
BAT file based Ransomware targeting people in China
Cyber Security News & Trends – 07-13-18
Cybersecurity News & Trends - 07-10-20