Microsoft Security Bulletin Coverage (Sept 10, 2013)

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of September, 2013. A list of issues reported, along with Dell SonicWALL coverage information follows:

MS13-067 Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2834052)

• CVE-2013-3858 Word Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3857 Word Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3849 Word Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3848 Word Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3847 Word Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3180 POST XSS Vulnerability
  IPS: 6128 “Cross-Site Scripting (XSS) Attack 44”
• CVE-2013-3179 SharePoint XSS Vulnerability
  There are no known exploits in the wild.
• CVE-2013-1330 MAC Disabled Vulnerability
  IPS: 6103 “Microsoft SharePoint Server Remote Code Execution 3”
• CVE-2013-1315 Microsoft Office Memory Corruption Vulnerability
  SPY: 4678 “Malformed-File xlw.MP.1”
• CVE-2013-0081 SharePoint Denial of Service Vulnerability
  IPS: 6100 “Microsoft SharePoint Server Remote Code Execution 5 (MS13-067)”

  IPS: 6096 “Microsoft SharePoint Server Remote Code Execution 4 (MS13-067)”

MS13-068 Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (2756473)

• CVE-2013-3870 Message Certificate Vulnerability
  There are no known exploits in the wild.

MS13-069 Cumulative Security Update for Internet Explorer (2870699)

• CVE-2013-3845 Internet Explorer Memory Corruption Vulnerability
  IPS: 7258 “Windows IE Use-After-Free Vulnerability (MS13-069) 1”
• CVE-2013-3209 Internet Explorer Memory Corruption Vulnerability
  IPS: 7278 “Windows IE Use-After-Free Vulnerability (MS13-069) 3”
• CVE-2013-3208 Internet Explorer Memory Corruption Vulnerability
  IPS: 7282 “Windows IE Use-After-Free Vulnerability (MS13-069) 4”
• CVE-2013-3207 Internet Explorer Memory Corruption Vulnerability
  IPS: 7287 “Windows IE Use-After-Free Vulnerability (MS13-069) 5”
• CVE-2013-3206 Internet Explorer Memory Corruption Vulnerability
  IPS: 7295 “Windows IE Use-After-Free Vulnerability (MS13-069) 6”
• CVE-2013-3205 Internet Explorer Memory Corruption Vulnerability
  IPS: 7323 “Windows IE Use-After-Free Vulnerability (MS13-069) 8”
• CVE-2013-3204 Internet Explorer Memory Corruption Vulnerability
  IPS: 7313 “Windows IE Use-After-Free Vulnerability (MS13-069) 7”
• CVE-2013-3203 Internet Explorer Memory Corruption Vulnerability
  IPS: 7339 “Windows IE Type Confusion Vulnerability (MS13-069)”
• CVE-2013-3202 Internet Explorer Memory Corruption Vulnerability
  IPS: 7273 “Windows IE Use-After-Free Vulnerability (MS13-069) 2”
• CVE-2013-3201 Internet Explorer Memory Corruption Vulnerability
  There are no known exploits in the wild.

MS13-070 Vulnerability in OLE Could Allow Remote Code Execution (2876217)

• CVE-2013-3863 OLE Property Vulnerability
  There are no known exploits in the wild.

MS13-071 Vulnerability in Windows Theme File Could Allow Remote Code Execution (2864063)

• CVE-2013-0810 Windows Theme File Remote Code Execution Vulnerability
  IPS: 6130 “Malformed Theme File”

MS13-072 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2845537)

• CVE-2013-3858 Word Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3857 Word Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3856 Word Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3855 Word Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3854 Word Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3853 Word Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3852 Word Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3851 Word Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3850 Word Memory Corruption Vulnerability
  IPS: 6105 “Microsoft Word Memory Corruption Vulnerability (MS13-072) 1”
• CVE-2013-3849 Word Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3848 Word Memory Corruption Vulnerability
  IPS: 6109 “Microsoft Word Memory Corruption Vulnerability (MS13-072) 2”
• CVE-2013-3847 Word Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3160 XML External Entities Resolution Vulnerability
  There are no known exploits in the wild.

MS13-073 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2858300)

• CVE-2013-3159 XML External Entities Resolution Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3158 Microsoft Office Memory Corruption Vulnerability
  SPY: 4679 “Malformed-File xlw.MP.2”
• CVE-2013-1315 Microsoft Office Memory Corruption Vulnerability
  There are no known exploits in the wild.

MS13-074 Vulnerabilities in Microsoft Access Could Allow Remote Code Execution (2848637)

• CVE-2013-3157 Access Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3156 Access File Format Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3155 Access Memory Corruption Vulnerability
  There are no known exploits in the wild.

MS13-075 Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2878687)

• CVE-2013-3859 Chinese IME Vulnerability
  There are no known exploits in the wild.

MS13-076 Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation of Privilege (2876315)

• CVE-2013-3866 Win32k Elevation of Privilege Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3865 Win32k Multiple Fetch Vulnerability
  There are no known exploits in the wild.
• CVE-2013-3864 Win32k Multiple Fetch Vulnerability
  There are no known exploits in the wild.
• CVE-2013-1344 Win32k Multiple Fetch Vulnerability
  There are no known exploits in the wild.
• CVE-2013-1343 Win32k Multiple Fetch Vulnerability
  There are no known exploits in the wild.
• CVE-2013-1342 Win32k Multiple Fetch Vulnerability
  There are no known exploits in the wild.
• CVE-2013-1341 Win32k Multiple Fetch Vulnerability
  There are no known exploits in the wild.

MS13-077 Vulnerability in Windows Service Control Manager Could Allow Elevation of Privilege (2872339)

• CVE-2013-3862 Service Control Manager Double Free Vulnerability
  There are no known exploits in the wild.

MS13-078 Vulnerability in FrontPage Could Allow Information Disclosure (2825621)

• CVE-2013-3137 XML Disclosure Vulnerability
  IPS: 6162 “Microsoft FrontPage Information Disclosure”

MS13-079 Vulnerability in Active Directory Could Allow Denial of Service (2853587)

• CVE-2013-3868 Remote Anonymous DoS Vulnerability
  There are no known exploits in the wild.

Security News

The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.