Posts

Microsoft Security Bulletin Coverage (Nov 12, 2013)

Dell SonicWALL has analyzed and addressed Microsoft’s security advisories for the month of November, 2013. A list of issues reported, along with Dell SonicWALL coverage information follows:

MS13-088 Cumulative Security Update for Internet Explorer (2888505)

  • CVE-2013-3871 Internet Explorer Memory Corruption Vulnerability
    IPS: 7547 “Windows IE Use-After-Free Vulnerability (MS13-080) 1”
  • CVE-2013-3908 Internet Explorer Information Disclosure Vulnerability
    IPS: 7599 “Windows IE Information Disclosure Vulnerability (MS13-088)”
  • CVE-2013-3909 Internet Explorer Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-3910 Internet Explorer Memory Corruption Vulnerability
    IPS: 7601 “Windows IE Use-After-Free Vulnerability (MS13-088) 1”
  • CVE-2013-3911 Internet Explorer Memory Corruption Vulnerability
    IPS: 7602 “Windows IE Use-After-Free Vulnerability (MS13-088) 2”
  • CVE-2013-3912 Internet Explorer Memory Corruption Vulnerability
    IPS: 7603 “Windows IE Use-After-Free Vulnerability (MS13-088) 3”
  • CVE-2013-3914 Internet Explorer Memory Corruption Vulnerability
    IPS: 7604 “Windows IE Use-After-Free Vulnerability (MS13-088) 4”
  • CVE-2013-3915 Internet Explorer Memory Corruption Vulnerability
    IPS: 7605 “DOM Object Use-After-Free Attack 8”
  • CVE-2013-3916 Internet Explorer Memory Corruption Vulnerability
    IPS: 7605 “DOM Object Use-After-Free Attack 8”
  • CVE-2013-3917 Internet Explorer Memory Corruption Vulnerability
    IPS: 7606 “Windows IE Use-After-Free Vulnerability (MS13-088) 5”

MS13-089 Vulnerability in Windows Graphics Device Interface Could Allow Remote Code Execution (2876331)

  • CVE-2013-3940 Internet Explorer Memory Corruption Vulnerability
    SPY: 3606 “Malformed-File doc.MP.15”

MS13-090 Cumulative Security Update of ActiveX Kill Bits (2900986)

  • CVE-2013-3918 InformationCardSigninHelper Vulnerability
    IPS: 7600 “InformationCardSigninHelper ActiveX Control Memory Corruption (MS13-090)”

MS13-091 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2885093)

  • CVE-2013-0082 WPD File Format Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2013-1324 Word Stack Buffer Overwrite Vulnerability
    SPY: 3920 “Malformed-File doc.MP.16”
  • CVE-2013-1325 Word Heap Overwrite Vulnerability
    SPY: 4734 “Malformed-File doc.MP.17”

MS13-092 Vulnerability in Hyper-V Could Allow Elevation of Privilege (2893986)

  • CVE-2013-3898 Address Corruption Vulnerability
    There are no known exploits in the wild.

MS13-093 Vulnerability in Windows Ancillary Function Driver Could Allow Information Disclosure (2875783)

  • CVE-2013-3887 Ancillary Function Driver Information Disclosure Vulnerability
    There are no known exploits in the wild.

MS13-094 Vulnerability in Microsoft Outlook Could Allow Information Disclosure (2894514)

  • CVE-2013-3905 S/MIME AIA Vulnerability
    There are no known exploits in the wild.

MS13-095 Vulnerability in Digital Signatures Could Allow Denial of Service (2868626)

  • CVE-2013-3869 Digital Signatures Vulnerability
    There are no known exploits in the wild.