Security News

Microsoft Security Bulletin Coverage (Oct 8, 2013)

By

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of October, 2013. A list of issues reported, along with Dell SonicWALL coverage information follows:

MS13-080 Cumulative Security Update for Internet Explorer (2879017)

  • CVE-2013-3872 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-3873 Internet Explorer Memory Corruption Vulnerability
    IPS: 7548 “Windows IE Use-After-Free Vulnerability (MS13-080) 2”
  • CVE-2013-3874 Internet Explorer Memory Corruption Vulnerability
    IPS: 7549 “Windows IE Use-After-Free Vulnerability (MS13-080) 3”
  • CVE-2013-3875 Internet Explorer Memory Corruption Vulnerability
    IPS: 7550 “Windows IE Use-After-Free Vulnerability (MS13-080) 4”
  • CVE-2013-3882 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-3885 Internet Explorer Memory Corruption Vulnerability
    IPS: 7551 “Windows IE Use-After-Free Vulnerability (MS13-080) 5”
  • CVE-2013-3886 Internet Explorer Memory Corruption Vulnerability
    IPS: 7552 “Windows IE Use-After-Free Vulnerability (MS13-080) 6”
  • CVE-2013-3893 Internet Explorer Memory Corruption Vulnerability
    IPS: 7377 “Windows IE Memory Corruption Vulnerability”
    IPS: 7417 “Windows IE Memory Corruption Vulnerability 2”
    SPY: 4119 “Malformed-File html.TL.274”
  • CVE-2013-3897 Internet Explorer Memory Corruption Vulnerability
    Please check Analysis for more details on the exploit seen in the wild.
    IPS: 7553 “Windows IE Use-After-Free Vulnerability (MS13-080) 7”
    SPY: 4684 “CVE-2013-3897”

MS13-081 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2870008)

  • CVE-2013-3894 TrueType Font CMAP Table Vulnerability Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-3888 DirectX Graphics Kernel Subsystem Double Fetch Vulnerability Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-3881 Win32k NULL Page Vulnerability
    This is a local vulnerability.
  • CVE-2013-3880 App Container Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-3879 Win32k Use After Free Vulnerability
    This is a local vulnerability.
  • CVE-2013-3200 Windows USB Descriptor Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-3128 Open Type Font Parsing Vulnerability
    SPY: 4683 “Malformed-File otf.MP.9”

MS13-082 Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2878890)

  • CVE-2013-3861 JSON Parsing Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-3860 Entity Expansion Vulnerability
    IPS: 6316 “Microsoft .NET Framework Entity Expansion DoS”
  • CVE-2013-3128 OpenType Font Parsing Vulnerability
    SPY: 4683 “Malformed-File otf.MP.9”

MS13-083 Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2864058)

  • CVE-2013-3195 Comctl32 Integer Overflow Vulnerability
    SPY: 4685 “Malformed-File exe.MP.7”

MS13-084 Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2885089)

  • CVE-2013-3895 Parameter Injection Vulnerability
    IPS: 7555 “Microsoft SharePoint Server Remote Code Execution 4 (MS13-084)”
  • CVE-2013-3889 MIcrosoft Excel Memory Corruption Vulnerability
    There are no known exploits in the wild.

MS13-085 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2885080)

  • CVE-2013-3890 Microsoft Excel Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-3889 Microsoft Excel Memory Corruption Vulnerability
    There are no known exploits in the wild.

MS13-086 Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2885084)

  • CVE-2013-3892 Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-3891 Memory Corruption Vulnerability
    SPY: 4686 “Malformed-File doc.MP.14”

MS13-087 Vulnerability in Silverlight Could Allow Information Disclosure (2890788)

  • CVE-2013-3896 Silverlight Vulnerability
    There are no known exploits in the wild.
Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.
Recommended Cyber Security Stories
IBM iNotes ActiveX Control Vulnerability (Nov 8, 2013)
New French Ransomware spotted in the wild (February 12, 2016)
WE ARE INTERESTED IN YOUR PRODUCTS (Feb 14, 2013)
Dell SonicWALL and Financial Sector CIG
Oficla spam on the rise (April 8, 2011)
HermeticWiper data wiping malware targeting Ukrainian organizations
Cryptomining trojan targeting Linux platforms seen in the wild
Cashandler.A: New variant family of InfoStealer Trojan actively spreading in the wild.