[SingCERT] Microsoft Security Bulletin Summary for March 2013
- Published on Wednesday, 13 March 2013 15:58
[ Summary ]
Microsoft has released 7 security bulletins for the month of March 2013 to address vulnerabilities in Microsoft Windows Silverlight, Visio Viewer 2010, Microsoft SharePoint, Microsoft OneNote, Office Outlook for Mac, Kernel-Mode Drivers, and cumulative security updates for Internet Explorer.
These vulnerabilities could allow an attacker to execute arbitrary code remotely, operate with elevated privileges, or disclose sensitive information.
MS13-021, MS13-022, MS13-023, MS13-024 are rated Critical as successfully exploitation of these vulnerabilities will allow remote code execution. MS13-021 – Internet Explorer CTreeNode Use After Free Vulnerability [CVE-2013-1288] has been publicly disclosed.
- MS13-021 Cumulative Security Update for Internet Explorer (2809289)
- MS13-022 Vulnerability in Silverlight Could Allow Remote Code Execution (2814124)
- MS13-023 Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2801261)
- MS13-024 Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2780176)
- MS13-025 Vulnerability in Microsoft OneNote Could Allow Information Disclosure (2816264)
- MS13-026 Vulnerability in Office Outlook for Mac Could Allow Information Disclosure (2813682)
- MS13-027 Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege (2807986)