It's Microsoft Patch Tuesday: August 2013

TechRepublic gathers the information you need to make the right deploy decision when applying Microsoft's August 2013 patches in your organization.

By Susan Bradley, MVP (SBS)

The dog days of summer are here, along with eight bulletins, including one that impacts Exchange 2007 through Exchange 2013. In fact, it's the first official security patch for that platform. Due to a change in how Exchange 2013 releases updates, you must be on Cumulative rollup update 1 or 2 in order to deploy this security update.

Once again we're patching Internet Explorer (6 through 10) for a critical issue that includes remote code execution. For many of you, the biggest headache will be reinstalling the .NET updates from last month's MS13-052, along with the re-released Windows Media patch in MS13-057, which had issues with certain applications and WMV files last month.

This blog post is also available in the PDF format in a TechRepublic Download.

Security Patches

This month's eight security bulletins address vulnerabilities in Internet Explorer, the Windows OS, and Exchange.

***

MS13-059/KB2862772 – Cumulative Security Update for Internet Explorer (IE 6, 7, 8, 9 and 10 on Windows XP, Vista, Windows 7, Windows 8, Windows RT and Server 2003, 2008, 2008 R2 and 2012, all editions). This update is rated critical for client and important for server operating systems and affects all listed versions of the Internet Explorer web browser and all currently supported Windows operating systems (server core installations excluded). It addresses eleven different vulnerabilities that stem from the way IE handles objects in memory, some of which allow remote code execution if a specially crafted malicious web page is visited. A restart is required after installation.

**

MS13-060/KB2850869 – Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution (Windows XP, Server 2003). This update is rated critical for XP and Server 2003. It addresses one vulnerability in the Unicode Scripts Processor, specifically if the Indic language pack (Bengali font) is installed. A victim could browse to a malicious webpage and be attacked. A restart may not be required after installation.

**

MS13-061/KB2876063 – Vulnerability in Exchange Server Could Allow Remote Code Execution (Exchange 2007, 2010 and 2013). This update is rated Critical for Exchange Servers. It addresses three vulnerabilities in the WebReady Document Viewing and Data Loss Prevention features of Microsoft Exchange Server. The vulnerabilities could allow remote code execution in the security context of the transcoding service on the Exchange server if a user previews a specially crafted file using Outlook Web App (OWA). It specifically addresses the Oracle Outside In issues included in a recent Oracle security update. A restart is not required after installation.

**

MS13-062/KB2849470 – Vulnerability in Remote Procedure Call Could Allow Elevation of Privilege (Windows Vista, Windows 7, Windows 8, Windows RT, Server 2008, 2008 R2, and 2012, including server core installation). This update is rated Important for all operating systems. It addresses the vulnerability by correcting the way that Microsoft Windows handles asynchronous RPC messages. The vulnerability could allow elevation of privilege if an attacker sends a specially crafted RPC request. It will be difficult to trigger this attack reliably. A restart is required after installation.

**

MS13-063/KB2859537 – Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (32-bit versions of Windows XP, Windows Server 2003, and Windows 8; and all supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2). This update is rated important for impacted operating systems. It addresses the vulnerabilities by changing how the Windows kernel validates memory address values and by modifying functionality to maintain the integrity of ASLR. The update also addresses a recent CanSecWest pwn2own exploit. A restart is required after installation.

**

MS13-064/KB2849568 – Vulnerability in Windows NAT Driver Could Allow Denial of Service (Windows Server 2012). This update is rated important for Windows Server 2012. It addresses one vulnerability in the Windows NAT Driver in Microsoft Windows. The vulnerability could allow denial of service if an attacker sends a specially crafted ICMP packet to a target server that is running the Windows NAT Driver service. This was first introduced in Windows Server 2012. A restart is required after installation.

**

MS13-065/KB2868623 – Vulnerability in ICMPv6 Could Allow Denial of Service (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, and Windows RT). The update is rated important for impacted systems. It addresses one vulnerability that could allow a denial of service if the attacker sends a specially crafted ICMP packet to the target systems. A restart is required after installation.

**

MS13-066/KB2873872 – Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (Windows Server 2003, 2008, 2008 R2 and 2012). The update is rated important for impacted systems. It addresses one vulnerability that could reveal information pertaining to the service account used by AD FS, leading to attempted logins and denial of service attacks. A restart is required after installation.

Other Updates/Releases

There were non-security updates released for August, including the regular monthly update for the Malicious Software Removal Tool (MSRT).

**

KB2856373 – Update to improve protection functionality in Windows Defender (Windows 8, Windows RT, Server 2012). This update improves protection functionality in Windows Defender. A restart is required.

*

KB2862768 – Windows RT, Windows 8, and Windows Server 2012 update rollup: August 2013 (Windows 8, Windows RT and Server 2012). This update resolves an issue in which some Micro SD cards are not detected on Windows 8 tablets as well as several other issues. A restart is required after installation.

**

KB2863058 – August 2013 cumulative time zone update for Windows operating systems (Windows 8, Windows RT, Windows Server 2012, Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP). This update contains time zone fixes impacting Libya, Israel, Pacific SA, Paraguay, West Asia, and Morocco. No restart is required after installation.

*

KB931125 – Update for Root Certificates (Windows XP [manually]). This item updates the list of root certificates on your computer to the list that is accepted by Microsoft as part of the Microsoft Root Certificate Program. A restart is required after installation.

**

KB2767849 – 2007 Office system update: August 13, 2013 (Office 2007). This item fixes an issue where Office 2007 cannot add a digital signature to a document. A restart is not required after installation.

*

KB2861855 – Updates to Improve Remote Desktop Protocol Network-level Authentication (Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2). The update adds defense-in-depth measures to the Network Level Authentication (NLA) technology within the Remote Desktop Protocol in Microsoft Windows. A restart is not required after installation.

**

KB890830 – Windows Malicious Software Removal Tool, August 2013. This is the monthly release of the latest version and definitions for the MSRT, which checks your computer for specific prevalent malware.

Rereleased updates since Patch Tuesday

Microsoft has rereleased two updates since last Patch Tuesday to fix issues associated with the updates:

**

MS13-052/KB2861561 – Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution (Windows Server 2003, 2008, 2008 R2 and 2012). The bulletin was revised to rerelease the 2840628, 2840632, 2840642, 2844285, 2844286, 2844287, and 2844289 updates. Customers should install the rereleased updates that apply to their systems. A restart is required after installation.

**

MS13-057/KB2847883 – Vulnerability in Windows Media Format Runtime Could Allow Remote Code Execution (Windows 7, Windows Server 2008 R2). The bulletin was revised to rerelease the 2803821 update due to issues with WMV files and certain applications. Customers should install the rereleased updates that apply to their systems. A restart may be required after installation.

Susan Bradley is a Small Business Server and Security MVP who is a moderator on the Patchmanagement.org list and writes for WindowsSecrets.com. She's attempting to fill the esteemed shoes of Deb Shinder while she's on a much-earned vacation.


5 comments
MikeBrennan

Just applied the upgrade to an old home machine running Vista Home Premium. It trashed the Aero interface. MS Fixit tool failed (as expected). Then decided to follow what's normally my advice to others. Switched it off then back on again. Sanity (and Aero) restored.

Koko Bill

guess Flash Player is the main issue in new updates....nothing else comes on my mind...cos' it comes to the problem every time when Flash is included or needed...

Koko Bill

funny, after I installed new updates, August, half of the stuff doesn't work in IE on Windows 8.1...this is a second time I'm trying to post this here, but failed, nothing that requires Flash doesn't work any more...no online friends bar at Facebook, I try it on Firefox and everything is OK...Youtube videos are making problems, IE 11 is stopping all the time (fix connection, can't show the site)..and a lot of bugs more...don't know what MS did with these updates, but it's no good at all...hope they are going to fix these problems as soon as it's possible...if they even know about this..

jelabarre

Funny, I keep installing the "Windows Malicious Software Removal Tool", yet MSWindows is still there....   <G>


Mark W. Kaelin moderator

TechRepublic gathers the information you need to make the right deploy decision when applying Microsoft's August 2013 patches in your organization.