Cisco Event Response: Microsoft Security Bulletin Release for May 2013

May 14, 2013

Microsoft published its monthly security bulletin release on May 14, 2012. Microsoft released ten bulletins that addressed 33 vulnerabilities. The bulletins address vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft .NET Framework, Microsoft Lync, Microsoft Publisher, Microsoft Word, Microsoft Vision, and Microsoft Windows Essentials. The vulnerabilities could allow an attacker to execute arbitrary code, gain access to sensitive information, cause a denial of service condition, or gain elevated privileges.


Event Intelligence

The following table identifies Cisco Security Intelligence Operations content and Cisco mitigation information that is associated with this Microsoft release:

Microsoft Security Bulletin Cisco IntelliShield Alert
CVE ID
Search CVEs
Cisco Mitigations
CVSS
Base Score
CVSS Q&A

Microsoft Security Bulletin MS13-037

Cumulative Security Update for Internet Explorer

Microsoft Internet Explorer Use-After-Free Arbitrary Code Execution Vulnerability

 

CVE-2013-0811

9.3

Microsoft Internet Explorer Cross-Domain JSON File Access Information Disclosure Vulnerability

 

CVE-2013-1297

Cisco ASA/ASA-SM/FWSM, Cisco ACE, Cisco IPS Signature 2209-0, Cisco Security Manager

4.3

Microsoft Internet Explorer Use-After-Free Arbitrary Code Execution Vulnerability

 

CVE-2013-1306

Cisco IPS Signatures 2219-0, 2219-1, 2219-2, Cisco Security Manager

9.3

Microsoft Internet Explorer Use-After-Free Arbitrary Code Execution Vulnerability

 

CVE-2013-1307

Cisco IPS Signature 2217-0

9.3

Microsoft Internet Explorer Use-After-Free Arbitrary Code Execution Vulnerability

CVE-2013-1308

Cisco IPS Signatures 2206-0, 2206-1, 2206-2, Cisco Security Manager

9.3

Microsoft Internet Explorer Use-After-Free Arbitrary Code Execution Vulnerability

 

CVE-2013-1309

Cisco IPS Signature 2195-0, Cisco Security Manager

9.3

Microsoft Internet Explorer Use-After-Free Arbitrary Code Execution Vulnerability

 

CVE-2013-1310

Cisco IPS Signature 2221-0

9.3

Microsoft Internet Explorer Use-After-Free Arbitrary Code Execution Vulnerability

 

CVE-2013-1311

Cisco IPS Signature 2220-0, Cisco Security Manager

9.3

Microsoft Internet Explorer Use-After-Free Arbitrary Code Execution Vulnerability

 

CVE-2013-1312

Cisco IPS Signature 2225-0, Cisco Security Manager

9.3

Microsoft Internet Explorer Use-After-Free Arbitrary Code Execution Vulnerability

 

CVE-2013-1313

9.3

Microsoft Internet Explorer Use-After-Free Arbitrary Code Execution Vulnerability

 

CVE-2013-2551

Cisco IPS Signature 2227-0

9.3

Microsoft Security Bulletin MS13-038

Security Update for Internet Explorer

Microsoft Internet Explorer Memory Corruption Arbitrary Code Execution Vulnerability

 

CVE-2013-1347

Cisco IPS Signatures 2198-0, 2198-1

9.3

Microsoft Security Bulletin MS13-039

Vulnerability in HTTP.sys Could Allow Denial of Service

Microsoft Windows Server HTTP Request Handling Denial of Service Vulnerability

 

CVE-2013-1305

Cisco IPS Signatures 2222-0, 2222-1, 2222-2, Cisco Security Manager

5.0

Microsoft Security Bulletin MS13-040

Vulnerabilities in .NET Framework Could Allow Spoofing

Microsoft .NET Framework XML Digital Signature Spoofing Security Bypass Vulnerability

 

CVE-2013-1336

Cisco IPS Signature 2230-0

5.0

Microsoft .NET Framework Authentication Bypass Unauthorized Access Vulnerability

 

CVE-2013-1337

10.0

Microsoft Security Bulletin MS13-041

Vulnerability in Lync Could Allow Remote Code Execution

Microsoft Lync Improper Memory Object Processing Arbitrary Code Execution Vulnerability

 

CVE-2013-1302

9.3

Microsoft Security Bulletin MS13-042

Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution

Microsoft Office Publisher Improper Array Value Processing Arbitrary Code Execution Vulnerability

 

CVE-2013-1316

Cisco ASA/ASA-SM/FWSM, Cisco ACE

9.3

Microsoft Office Publisher Integer Overflow Arbitrary Code Execution Vulnerability

CVE-2013-1317

Cisco ASA/ASA-SM/FWSM, Cisco ACE

9.3

Microsoft Office Publisher Improper Pointer Handling Arbitrary Code Execution Vulnerability

CVE-2013-1318

Cisco ASA/ASA-SM/FWSM, Cisco ACE

9.3

Microsoft Office Publisher Returned Method Value Handling Arbitrary Code Execution Vulnerability

CVE-2013-1319

Cisco ASA/ASA-SM/FWSM, Cisco ACE

9.3

Microsoft Office Publisher Array Processing Buffer Overflow Arbitrary Code Execution Vulnerability

CVE-2013-1320

Cisco ASA/ASA-SM/FWSM, Cisco ACE

9.3

Microsoft Office Publisher Returned Method Value Validation Arbitrary Code Execution Vulnerability

CVE-2013-1321

Cisco ASA/ASA-SM/FWSM, Cisco ACE

9.3

Microsoft Office Publisher Improper Table Range Validation Arbitrary Code Execution Vulnerability

CVE-2013-1322

Cisco ASA/ASA-SM/FWSM, Cisco ACE

9.3

Microsoft Office Publisher Improper NULL Value Handling Arbitrary Code Execution Vulnerability

CVE-2013-1323

Cisco ASA/ASA-SM/FWSM, Cisco ACE

9.3

Microsoft Office Publisher Improper Signed Integer Processing Arbitrary Code Execution Vulnerability

CVE-2013-1327

Cisco ASA/ASA-SM/FWSM, Cisco ACE

9.3

Microsoft Office Publisher Invalid Pointer Processing Arbitrary Code Execution Vulnerability

CVE-2013-1328

Cisco ASA/ASA-SM/FWSM, Cisco ACE

9.3

Microsoft Office Publisher Array Processing Buffer Underflow Arbitrary Code Execution Vulnerability

CVE-2013-1329

Cisco ASA/ASA-SM/FWSM, Cisco ACE

9.3

Microsoft Security Bulletin MS13-043

Vulnerability in Microsoft Word Could Allow Remote Code Execution

Microsoft Word Shape Object Processing Arbitrary Code Execution Vulnerability

 

CVE-2013-1335

9.3

Microsoft Security Bulletin MS13-044

Vulnerability in Microsoft Visio Could Allow Information Disclosure

Microsoft Visio XML Processing Information Disclosure Vulnerability

 

CVE-2013-1301

Cisco IPS Signature 2191-0, Cisco Security Manager

7.1

Microsoft Security Bulletin MS13-045

Vulnerability in Windows Essentials Could Allow Information Disclosure

Microsoft Windows Essentials Writer URL Processing Arbitrary File Overwrite Vulnerability

CVE-2013-0096

Cisco IPS Signature 2210-0, Cisco Security Manager

5.8

Microsoft Security Bulletin MS13-046

Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege

Microsoft Windows Kernel DirectX Subsystem Privilege Escalation Vulnerability

 

CVE-2013-1332

1.7

Microsoft Windows Kernel Win32k Driver Buffer Overflow Privilege Escalation Vulnerability

 

CVE-2013-1333

1.7

Microsoft Windows Kernel Win32k Driver Handle Arbitrary Code Execution Vulnerability

 

CVE-2013-1334

6.8

Cisco Security Intelligence Operations

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. Cisco IOS access control lists; Cisco Intrusion Prevention System (IPS) signatures; Cisco IOS NetFlow; and Cisco ACE Application Control Engine are discussed in this bulletin.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin Release for May 2013

Cisco Security Manager helps enable enterprises to manage and scale security operations efficiently and accurately. Its end-to-end tools provide consistent policy enforcement, quick troubleshooting of security events, and summarized reports from across the security deployment.

Cisco NAC Appliance (formerly Cisco Clean Access) uses your organization's network infrastructure to enforce security policy compliance on all devices that attempt to gain access.

Cisco Identity Services Engine gathers information from users, devices, infrastructure, and network services to enable organizations to enforce contextual-based business policies across the network. It provides network visibility for advanced discovery and troubleshooting and combines authentication, authorization, and accounting (AAA), posture, profiling, and guest management.

Impact on Cisco Products

Customers should evaluate the Microsoft security bulletins and associated software updates for any potential impacts to Cisco Contact Center products. Please refer to the Cisco Customer Contact Software Policy for Using Microsoft Security Updates on Products Deployed on a Retail Installation of Windows Operating System for additional information.

Cisco IP Telephony Operating System, SQL Server, Security Updates
This document contains information on software updates for tracking Cisco-supported operating system, SQL Server, and security files that are available for web download. These updates support all versions of Cisco Unified CallManager, Cisco Conference Connection, Cisco Personal Assistant, Cisco IP Interactive Voice Response, and Cisco IP Call Center Express, Cisco Emergency Responder, Cisco Customer Voice Portal, and Cisco MeetingPlace. This document does not support Cisco Unity or servers where Cisco Unity is installed.

Recommended Microsoft Hot Fixes for Cisco Media Experience 3000
These documents evaluate the monthly Microsoft security bulletins for applicability to the Cisco Media Experience Engine (MXE) 3000 product line. The bulletins clarify which Microsoft Security Bulletins should be applied to affected hardware and software levels of Cisco MXE 3000 products.