Deb Shinder gathers the information you need to make the right deploy decision when applying Microsoft's March 2013 patches in your organization.
It's time to beware the Ides of March - but what about the Patches of Tuesday? This month traditionally heralds the arrival of spring, but before you succumb to spring fever and abandon the server room for the great outdoors, be sure you get the March updates applied to your systems.
We're back to lucky seven in the number of security bulletins, with the majority of those (four) affecting Microsoft Office. Two of the Office-related bulletins, along with one affecting Windows and IE, and one affecting Silverlight, are rated Critical; the rest are rated Important.
This blog post is also available in the PDF format in a TechRepublic Download. Falling behind on your patch deployments, catch up with previously published Microsoft Patch Tuesday blog posts.
Microsoft Office is the primary focus of this month's patches, with only two that affect Windows itself.
MS13-021/KB2809289 - Cumulative Security Update for Internet Explorer (IE 6, 7, 8, 9 and 10). This update addresses nine vulnerabilities that could be exploited to allow an attacker to gain the same rights as the currently logged-on user, due to the way IE handles objects in memory. It's rated Critical for IE on Windows clients and Moderate for IE on Windows servers. It impacts all Windows client and server operating systems except Windows 7 SP1 and Server 2008 R2 SP1 running IE 10 and also does not impact Server Core installations.
MS13-022/KB2814124 - Vulnerability in Silverlight that could allow Remote Code Execution (Silverlight 5 installed on any supported release of Windows client and Windows server or installed on Mac, including Developer Runtime). This update addresses one vulnerability that could allow an attacker to remotely execute code on a computer that visits a web site containing a specially crafted malicious Silverlight application. It is rated Critical on all operating systems that have Silverlight installed.
MS13-023/KB2801261 - Vulnerability in Visio Viewer 2010 (Visio Viewer 2010 SP1 32 and 64 bit, Vision 2010 SP1 32 and 64 bit, Office 2010 Filter Pack SP1 32 and 64 bit). This update addresses one vulnerability that could allow an attacker to remotely execute code on a computer when the user opens a specially crafted malicious Visio file either in Visio itself or in the viewer. It is rated Critical for all supported editions of Visio/Visio Viewer 2010. It does not impact Visio 2003, 2007 or 2013.
MS13-024/KB2780176 - Vulnerabilities in SharePoint (SharePoint Server 2010 SP1, SharePoint Foundation 2010 SP1). This addresses four vulnerabilities that could allow elevation of privileges if a user clicks a specially crafted URL that leads to a targeted SharePoint site. It's rated Critical for all supported editions of SharePoint 2010 and Important for SharePoint Foundation 2010. It does not affect SharePoint Server 2007 SP3, SharePoint Server 2013, Groove 2007 SP3, Groove 2010 SP1, SharePoint Portal Server 2003 SP3, SharePoint Services 2.0 and 3.0 SP3, SharePoint Foundation 2013, or SharePoint Workspace 2010 SP1.
MS13-025/KB2816264 - Information Disclosure Vulnerability in OneNote (OneNote 2010 SP1). This update addresses one vulnerability in OneNote 2010 that could allow an attacker to gain access to a user's information if the user opens a specially crafted malicious OneNote file. It is rated Important for OneNote 2010. It does not affect other supported versions of OneNote and does not affect Microsoft Web Apps 2010 SP1.
MS13-026/KB2813682 - Vulnerability in Office Outlook for Mac (Office 2008 for Mac, Office for Mac 2011). This update could expose a user's information if the user opens a specially crafted malicious email message. It's rated Important for the listed versions of Office for Mac.
Ms13-027/KB2807986 - Vulnerability in Kernel-Mode Drivers (Windows XP SP3, XP Pro SP2, Server 2003 SP2, Vista SP2, Server 2008 SP2, Server 2008 R2 SP1, Windows 8, Server 2012, includes all Server Core installations). This update addresses three vulnerabilities in all supported versions of Windows except Windows RT, which could allow elevation of privilege if an attacker is able to access a system. It's rated Important for all versions.
There are ten non-security updates released today, along with the regular monthly update for the Malicious Software Removal Tool (MSRT).
KB2775511 - Enterprise hotfix rollup (Windows 7 SP1 and Server 2008 R2 SP1). This rollup contains fixes released after SP1 and addresses the Windows Client Remote File System, SMB service, TCP protocol, Windows Management Instrumentation (WMI) and processing of Group Policies.
KB2781197 - Anti-malware platform update for Windows Defender (Windows 8). This update for Windows Defender updates services, drivers, and the user interface.
KB2790907 - Compatibility Update (Windows 8 and Server 2012). This update improves the compatibility experience in Windows 8 and Server 2012.
KB2791338 - Dynamic Update (Windows 8 and Server 2012). This update improves the legacy upgrade experience when you upgrade to the latest version of Windows 8.
KB2791342 - Compatibility Update for Web and Media Experience (Windows 8 and Server 2012). This update provides compatibility improvements and improves the web and media upgrade experience.
KB2791647 - Windows MultiPoint Server 2012 General Availability Cumulative Update (MultiPoint Server 2012). This update introduces support for USB-over-Ethernet client devices and drivers and fixes issues with Virtual Desktop templates on UEFI systems and a language problem with MultiPoint Help.
KB2791765 - Application Compatibility Update (Windows 7 and Server 2008 R2). This update improves the compatibility experience in Windows 7 and Server 2008 R2, including the Acer Live Updater, Office Enterprise Suite and BOCOM Internet Banking Wizard.
KB2806748 - Fix for Incorrect Results from AD PowerShell Cmdlets (Windows Server 2008 R2). This update addresses a problem of getting incorrect results when you run AD Windows PowerShell cmdlets on a domain controller running Windows Server 2008 R2.
KB2811660 - Cumulative Update for Windows 8 and Server 2012 (Windows 8, Server 2012). This update addresses reliability of USB 3.0 device initialization, an issue with the on-screen keyboard, a GPO issue, Wi-Fi reliability, and rendering of bold text, as well as a number of other reliability and performance issues.
KB2812822 - System Restart Problem (Windows RT, 8 and Server 2012). This update addresses an issue with Windows RT, 8 and Server 2012 whereby the system may restart and not display the "Choose an Option" screen when you try to restart into the UEFI Firmware Settings using Advanced Startup.
KB890830 - Windows Malicious Software Removal Tool - March 2013 and Internet Explorer Version. (Windows 8, Server 2012, Windows 7, Server 2008/2008 R2, Vista, Server 2003, XP). This is the monthly update to the MSRT.
Updates since the last Patch Tuesday
There were quite a few out-of-band patches released between the February and March Patch Tuesdays.
There were seven updates released on February 26.
KB2819372 - Update for IE Flash Player for Windows 8. (Windows 8, Windows RT, Server 2012). Addresses a vulnerability that would allow an attacker to gain control of a computer running IE Flash Player for Windows 8/RT/Server 2012.
KB2670838 - Platform update for Windows 7 SP1 and Windows Server 2008 R2 SP1 (Windows 7 SP1, Server 2008 R2 SP1). See the February 27 release above. Re-released February 27.
KB2718695 - IE 10 for Windows 7 SP1 and Server 2008 R2 (Windows 7). Updates Internet Explorer in Windows 7 SP1 and Windows Server 2008 R2 to version 10.
KB2781267 - Update Rollup for Windows Server 2012 Essentials (Windows Server 2012 Essentials). Adds new features pertaining to hosted email and the Dashboard, updates .NET Framework and AntiXSSLibrary.dll, resolves seven issues.
KB2794599 - Fonts in console programs too small to read (Windows 8, RT and Server 2012). This fixes a problem whereby, when running a multilingual version of Windows 8, RT or Server 2012, the fonts in all console programs become too small to read - affects Chinese, Central Kurdish and Sindhi languages.
KB2818604 - Microcode update for Windows 8 on AMD processor (Windows 8). This updates the processor microcode for AMD C, E, G and Z-series processors.
KB947821 - System Update Readiness Tool (Windows 8, 7, Vista, Server 2008/2008 R2). Scans for inconsistencies and fixes errors that occur when you run Windows Update.