Microsoft Security Bulletin Summary for July 2013

by Carol~ Forum moderator / July 9, 2013 3:39 AM PDT

Published : July 09, 2013

Microsoft released 7 new security updates today, as part of their routine monthly security update cycle. The six (6) Critical bulletins and one (1) rated as Important address 34 vulnerabilities in Microsoft Windows, Internet Explorer, .NET Framework, Silverlight, GDI+ and Windows Defender.

Microsoft also released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

Critical: 6

MS11-052 - Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution (2861561)
MS11-053 - Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2850851)
MS11-054 - Vulnerability in GDI+ Could Allow Remote Code Execution (2848295)
MS11-055 - Cumulative Security Update for Internet Explorer (2846071)
MS11-056 - Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (2845187)
MS11-057 - Vulnerability in Windows Media Format Runtime Could Allow Remote Code Execution (2847883)

Important: 1

MS11-058 - Vulnerability in Windows Defender Could Allow Elevation of Privilege (2847927)

Security Bulletin: http://technet.microsoft.com/en-us/security/bulletin/ms13-jul

* * * * * * * * * * * * * * * * * * * * * * *

For those who need to prioritize deployment, Microsoft recommends focusing on MS13-053 and MS13-055 first.

MS13-053 | Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution

This security update resolves two publicly disclosed and six privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a malicious webpage that embeds TrueType font files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. We are aware of CVE-2013-3660 being used to achieve elevation of privilege in limited, targeted attacks.

MS13-055 | Cumulative Security Update for Internet Explorer

This security update resolves 17 issues in Internet Explorer that could allow remote code execution if a customer views a specially-crafted Web page using the browser. An attacker who successfully exploited these vulnerabilities could gain the same rights as the logged-on user. This security update is rated Critical for all versions of Internet Explorer, on all supported releases of Microsoft Windows. These issues were privately disclosed and we have not detected any attacks or customer impact.

See: A new policy for store apps and the July 2013 security updates

Windows July 2013 Update KB890830
by michhala / July 12, 2013 7:15 AM PDT

Re Windows Malicious Software Removal Tool -- I installed all necessary updates yesterday, including Malicious Software Removal Tool.....it is showing in History as a successful install. This morning it is on Windows Update as needing to be installed.

Shall I install it again, and leave the first installed version as it is or uninstall it?

My thanks.....Miki

Miki, All Machines Here Did EXACTLY As You Have Seen
by Grif Thomas Forum moderator / July 12, 2013 8:07 AM PDT

Although the initial round of updates showed the Malicious Software Removal Tool had been installed, upon running a second round of updates, the Removal Tool came up again as being needed. Interestingly enough, after running the second install of the Removal Tool, everything was fine and it no longer showed as an update. The problem showed on Windows 7 AND on Windows XP and it occurred when checking the Windows Update site manually. I don't use Automatic Updates.

My advice: Run the Removal Tool installation a second time, leaving the first installation alone, and it should be good.

Hope this helps.

Grif

Yup
by bob b / July 12, 2013 8:32 AM PDT

Looks like an update.
On July 10 I see an install of msrt and then a run of v4.22.
On July 11 I see an install of msrt and then a run of v5.2.

Why is that?.......I dunno.
So far nothing odd has happened.

Yep, You're Right... Bad Version Installed First
by Grif Thomas Forum moderator / July 12, 2013 9:25 AM PDT
In reply to: Yup

A minute ago, I mis-posted about the versions being the same. (I removed it so as not to cause confusion.) After checking the log at "C:\Windows\Debug\mrt.log" you can see the first version installed is 4.22 and the second is 5.2.

Clearly, Microsoft incorrectly released the wrong version during the first release. June's version was 5.1 so something happened wrong at MS.

Hope this helps.

Grif
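
The log check described in the post above, as an added example that is not part of the original thread: it lists each MSRT run recorded in mrt.log and flags a run whose version is older than one that ran before it. The header, "Started On" and "Return code:" line layouts are assumptions about the log format, `Get-MsrtRun` is a hypothetical helper name, and the sample lines are constructed around the versions reported in this thread.

```powershell
# Constructed sample in the assumed mrt.log layout. The version numbers and the
# July run dates come from this thread; times and the June date are made up.
# On a real machine use: $lines = Get-Content 'C:\Windows\Debug\mrt.log'
$lines = @'
Microsoft Windows Malicious Software Removal Tool v5.1, June 2013
Started On Wed Jun 12 09:14:02 2013
Microsoft Windows Malicious Software Removal Tool Finished On Wed Jun 12 09:16:40 2013
Return code: 0 (0x0)

Microsoft Windows Malicious Software Removal Tool v4.22, (constructed header)
Started On Wed Jul 10 08:55:10 2013
Return code: 0 (0x0)

Microsoft Windows Malicious Software Removal Tool v5.2, July 2013 (build 5.2.9201.0)
Started On Thu Jul 11 08:12:33 2013
Return code: 0 (0x0)
'@ -split '\r?\n'

function Get-MsrtRun {
    # No Mandatory attribute: a real log contains blank lines, and a mandatory
    # [string[]] parameter rejects empty strings.
    param([string[]]$Line)
    $run = $null
    foreach ($text in $Line) {
        # Only the run header carries " v<version>"; the "Finished On" line does not.
        if ($text -match 'Malicious Software Removal Tool v(\d+(?:\.\d+){1,3})') {
            if ($run) { $run }                      # emit the previous run
            $run = [pscustomobject]@{
                Version = [version]$Matches[1]; Started = $null; ReturnCode = $null
            }
        }
        elseif ($run -and $text -match '^Started On\s+(.+)$') {
            $run.Started = $Matches[1].Trim()
        }
        elseif ($run -and $text -match '^Return code:\s*(-?\d+)') {
            $run.ReturnCode = [int]$Matches[1]
        }
    }
    if ($run) { $run }                              # emit the last run
}

# Walk the runs in log order and flag any version older than one already seen.
$highest = [version]'0.0'
foreach ($r in Get-MsrtRun -Line $lines) {
    $note = if ($r.Version -lt $highest) { "older than previously run v$highest" } else { '' }
    if ($r.Version -gt $highest) { $highest = $r.Version }
    '{0,-5} {1,-25} rc={2} {3}' -f $r.Version, $r.Started, $r.ReturnCode, $note
}
```

On the sample, the v4.22 run is the only one flagged, because v5.1 appears earlier in the log.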

As always, Grif....my thanks.
by michhala / July 12, 2013 10:39 AM PDT

Will remove the first version installed and replace it with the corrected version.......miki

Grif -- not listed
by michhala / July 12, 2013 11:04 AM PDT

I checked the list on WU where there is the option to uninstall, but there was no version of KB890830.... checked by name and KB number. Is it listed by a name other than Windows Malicious Software Removal Tool July 2013 or somewhere else?

Miki

Nothing to uninstall
by bob b / July 13, 2013 12:33 AM PDT
In reply to: Grif -- not listed

Grif and Bob
by michhala / July 13, 2013 4:27 AM PDT
In reply to: Nothing to uninstall

Please disregard my last post.....I misunderstood one of Grif's posts. I installed the second version, ignored the first version, and stopped looking for them on the uninstall list. Thank you, Grif and Bob.

Miki

(NT) Glad WE Could Help !
by Grif Thomas Forum moderator / July 13, 2013 6:18 AM PDT
In reply to: Grif and Bob

(NT) Thanks for the info, Bob...
by michhala / July 12, 2013 10:40 AM PDT
In reply to: Yup

FYI: Why does the MSRT install and run twice this month?
by Carol~ Forum moderator / July 15, 2013 9:54 AM PDT

Microsoft Security Response Center:

July 2013 Security Bulletin Webcast Q&A

Hosts: Jonathan Ness, Security Development Manager
Dustin Childs, Group Manager, Response Communications

Website: TechNet/Security

Chat Topic: July 2013 Security Bulletin Release

Date: Wednesday, July 10, 2013

Q: Why does the Malicious Software Removal Tool (MSRT) install and run twice this month? It runs once during the first pass through Windows Update, then if you run Windows Update again it shows that MSRT is needed again. Once it downloads and runs the second time, Windows Update no longer thinks it needs to run again.

A: We are in the process of rolling out a new version of MSRT and to manage the risk, we are releasing the new version in stages over a few months. In this month, if you let Windows Update automatically download, you will get the old version. But if you manually check for it, you will get the new version. This is possibly the reason for the two offerings.

Additional topics: http://blogs.technet.com/b/msrc/p/july-2013-security-bulletin-q-a.aspx

(Sorry I was late to the party.)

Better to be late for the party than to not come at all :)
by michhala / July 15, 2013 1:21 PM PDT

Thank you, Carol....

Carol, Technet's Statement Isn't Quite Correct Here
by Grif Thomas Forum moderator / July 16, 2013 12:23 PM PDT

The statement made: "In this month, if you let Windows Update automatically download, you will get the old version. But if you manually check for it, you will get the new version." This isn't quite what I experience on ANY of the computers here.

I no longer use automatic updates. Instead, I always use manual scans at the Windows Update site to download Windows updates. In this case, with the MSRT, my first manual scan at the Windows Update site showed the first MSRT being needed. After downloading and installing it, plus all the other updates, I restarted the computer and immediately ran another scan at the Windows Update site. The second version of MSRT then appeared and was downloaded and installed. BOTH versions were needed, downloaded, and installed, even though I "manually checked" for it each time. It shows this to be the case in the mrt.log file I mentioned earlier in this thread.

Hope this helps.

Grif

Different experience here..
by Carol~ Forum moderator / July 17, 2013 4:53 AM PDT

Grif..

I always use manual scans to download the updates. Depending on the nature of the updates, how many and file size, I may "break up" the install. In other words, I download and install the first batch (restart) and then do the same with the remainder. I did it this month and the MSRT was part of the first batch. It's how and why I knew (after a restart) it wasn't offered a second time.

I didn't realize it was an issue, until I read this thread. I've since read the same elsewhere. (It doesn't appear to be OS related.) The mrt.log indicates v5.2 (build 5.2.9201.0) ran. For the most part, I'm finding I'm in the minority. Unless there's something I overlooked.

One of the hosts of the Webcast stated "This is possibly the reason for the two offerings." Could "possibly" mean .. they don't know any more (as to why) than we I do?

Carol

(NT) Typical Microsoft...
by Grif Thomas Forum moderator / July 17, 2013 12:00 PM PDT