Cisco Event Response: Microsoft Security Bulletin Release for September 2013

September 10, 2013

Microsoft published its monthly security bulletin release on September 10, 2013. Microsoft released thirteen bulletins that addressed 47 vulnerabilities. The bulletins address vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Office Acesss, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office Word, Microsoft SharePoint Server, and Microsoft FrontPage. The vulnerabilities could allow an attacker to execute arbitrary code, conduct cross-site scripting attacks, cause a denial of service condition, or gain elevated privileges.


Event Intelligence

The following table identifies Cisco Security Intelligence Operations content and Cisco mitigation information that is associated with this Microsoft release:

Microsoft Security Bulletin Cisco IntelliShield Alert
CVE ID
Search CVEs
Cisco Mitigations
CVSS
Base Score
CVSS Q&A

Microsoft Security Bulletin MS13-067

Critical Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution

Microsoft SharePoint Server W3WP Denial of Service Vulnerability

 

CVE-2013-0081

Cisco IPS Signature 2725-0

5.0

Microsoft SharePoint Server Machine Authentication Check Validation Arbitrary Code Execution Vulnerability

 

CVE-2013-1330

10.0

Microsoft SharePoint Server Cross-Site Scripting Vulnerability

 

CVE-2013-3179

3.5

Microsoft SharePoint Server POST Cross-Site Scripting Vulnerability

 

CVE-2013-1380

Cisco IPS Signature 2772-0

3.5

Microsoft Security Bulletin MS13-068

Critical Vulnerability in Microsoft Outlook Could Allow Remote Code Execution

Microsoft Outlook Encrypted Message Processing Arbitrary Code Execution Vulnerability

 

CVE-2013-3870

9.3

Microsoft Security Bulletin MS13-069

Critical Cumulative Security Update for Internet Explorer

 

Microsoft Internet Explorer Memory Corruption Vulnerability

 

CVE-2013-3201

9.3

Microsoft Internet Explorer Memory Corruption Vulnerability

 

CVE-2013-3202

Cisco IPS Signature 2744-0

9.3

Microsoft Internet Explorer Memory Corruption Vulnerability

 

CVE-2013-3203

Cisco IPS Signature 2747-0

9.3

Microsoft Internet Explorer Memory Corruption Vulnerability

 

CVE-2013-3204

Cisco IPS Signature 2773-0

9.3

Microsoft Internet Explorer Memory Corruption Vulnerability

 

CVE-2013-3205

Cisco IPS Signature 2774-0

9.3

Microsoft Internet Explorer Memory Corruption Vulnerability

 

CVE-2013-3206

Cisco IPS Signature 2777-0

9.3

Microsoft Internet Explorer Memory Corruption Vulnerability

 

CVE-2013-3207

Cisco IPS Signature 2775-0

9.3

Microsoft Internet Explorer Memory Corruption Vulnerability

 

CVE-2013-3208

Cisco IPS Signature 2771-0

9.3

Microsoft Internet Explorer Memory Corruption Vulnerability

 

CVE-2013-3209

Cisco IPS Signature 4155-0

9.3

Microsoft Internet Explorer Memory Corruption Vulnerability

 

CVE-2013-3845

Cisco IPS Signature 4156-0

9.3

Microsoft Security Bulletin MS13-070

Critical Vulnerability in OLE Could Allow Remote Code Execution

Microsoft Windows Object Linking and Embedding Arbitrary Code Execution Vulnerability

 

CVE-2013-3863

9.3

Microsoft Security Bulletin MS13-071

Important Vulnerability in Windows Theme File Could Allow Remote Code Execution

Microsoft Windows Theme File Handling Arbitrary Code Execution Vulnerability

 

CVE-2013-0810

Cisco IPS Signature 2736-0

9.3

Microsoft Security Bulletin MS13-072

Important Vulnerabilities in Microsoft Office Could Allow Remote Code Execution

Microsoft Office Word XML Parsing Information Disclosure Vulnerability

 

CVE-2013-3160

4.3

Microsoft Office Word Memory Corruption Vulnerability

 

CVE-2013-3847

9.3

Microsoft Office Word Memory Corruption Vulnerability

 

CVE-2013-3848

9.3

Microsoft Office Word Memory Corruption Vulnerability

 

CVE-2013-3849

9.3

Microsoft Office Word Memory Corruption Vulnerability

 

CVE-2013-3850

9.3

Microsoft Office Word Memory Corruption Vulnerability

 

CVE-2013-3851

9.3

Microsoft Office Word Memory Corruption Vulnerability

 

CVE-2013-3852

9.3

Microsoft Office Word Memory Corruption Vulnerability

 

CVE-2013-3853

9.3

Microsoft Office Word Memory Corruption Vulnerability

 

CVE-2013-3854

9.3

Microsoft Office Word Memory Corruption Vulnerability

 

CVE-2013-3855

9.3

Microsoft Office Word Memory Corruption Vulnerability

 

CVE-2013-3856

9.3

Microsoft Office Word Memory Corruption Vulnerability

 

CVE-2013-3857

9.3

Microsoft Office Word Memory Corruption Vulnerability

 

CVE-2013-3858

9.3

Microsoft Security Bulletin MS13-073

Important Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution

 

Microsoft Office Excel Memory Corruption Vulnerability

 

CVE-2013-1315

Cisco IPS Signature 2732-0

9.3

Microsoft Office Excel Memory Corruption Vulnerability

 

CVE-2013-3158

9.3

Microsoft Office Excel XML Content Parsing Information Disclosure Vulnerability

 

CVE-2013-3159

4.3

Microsoft Security Bulletin MS13-074

Important Vulnerabilities in Microsoft Access Could Allow Remote Code Execution

 

Microsoft Office Access Memory Corruption Vulnerability

 

CVE-2013-3155

9.3

Microsoft Office Access Memory Corruption Vulnerability

 

CVE-2013-3156

9.3

Microsoft Office Access Memory Corruption Vulnerability

 

CVE-2013-3157

9.3

Microsoft Security Bulletin MS13-075

Important Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege

Microsoft Office Chinese Input Method Editor Privilege Escalation Vulnerability

 

CVE-2013-3859

6.8

Microsoft Security Bulletin MS13-076

Important Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation of Privilege

Microsoft Windows win32k Kernel-Mode Driver Privilege Escalation Vulnerability

 

CVE-2013-1341

6.8

Microsoft Windows win32k Kernel-Mode Driver Privilege Escalation Vulnerability

 

CVE-2013-1342

6.8

Microsoft Windows win32k Kernel-Mode Driver Privilege Escalation Vulnerability

 

CVE-2013-1343

6.8

Microsoft Windows win32k Kernel-Mode Driver Privilege Escalation Vulnerability

 

CVE-2013-1344

6.8

Microsoft Windows win32k Kernel-Mode Driver Privilege Escalation Vulnerability

 

CVE-2013-3864

6.8

Microsoft Windows win32k Kernel-Mode Driver Privilege Escalation Vulnerability

 

CVE-2013-3865

6.8

Microsoft Windows win32k Kernel-Mode Driver Privilege Escalation Vulnerability

 

CVE-2013-3866

6.8

Microsoft Security Bulletin MS13-077

Important Vulnerability in Windows Service Control Manager Could Allow Elevation of Privilege

Microsoft Windows Service Control Manager Arbitrary Code Execution Vulnerability

 

CVE-2013-3862

6.8

Microsoft Security Bulletin MS13-078

Important Vulnerability in FrontPage Could Allow Information Disclosure

Microsoft FrontPage XML Content Processing Information Disclosure Vulnerability

 

CVE-2013-3137

Cisco IPS Signature 2765-0

4.3

Microsoft Security Bulletin MS13-079

Important Vulnerability in Active Directory Could Allow Denial of Service

Microsoft Active Directory LDAP Service Denial of Service Vulnerability

 

CVE-2013-3868

Cisco IPS Signature 2769-0

5.0

Cisco Security Intelligence Operations

Cisco Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices. Cisco IOS access control lists; Cisco Intrusion Prevention System (IPS) signatures; Cisco IOS NetFlow; and Cisco ACE Application Control Engine are discussed in this bulletin.

Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin Release for September 2013

Cisco Security Manager helps enable enterprises to manage and scale security operations efficiently and accurately. Its end-to-end tools provide consistent policy enforcement, quick troubleshooting of security events, and summarized reports from across the security deployment.

Cisco NAC Appliance (formerly Cisco Clean Access) uses your organization's network infrastructure to enforce security policy compliance on all devices that attempt to gain access.

Cisco Identity Services Engine gathers information from users, devices, infrastructure, and network services to enable organizations to enforce contextual-based business policies across the network. It provides network visibility for advanced discovery and troubleshooting and combines authentication, authorization, and accounting (AAA), posture, profiling, and guest management.

Impact on Cisco Products

Customers should evaluate the Microsoft security bulletins and associated software updates for any potential impacts to Cisco Contact Center products. Please refer to the Cisco Customer Contact Software Policy for Using Microsoft Security Updates on Products Deployed on a Retail Installation of Windows Operating System for additional information.

Cisco IP Telephony Operating System, SQL Server, Security Updates
This document contains information on software updates for tracking Cisco-supported operating system, SQL Server, and security files that are available for web download. These updates support all versions of Cisco Unified CallManager, Cisco Conference Connection, Cisco Personal Assistant, Cisco IP Interactive Voice Response, and Cisco IP Call Center Express, Cisco Emergency Responder, Cisco Customer Voice Portal, and Cisco MeetingPlace. This document does not support Cisco Unity or servers where Cisco Unity is installed.

Recommended Microsoft Hot Fixes for Cisco Media Experience 3000
These documents evaluate the monthly Microsoft security bulletins for applicability to the Cisco Media Experience Engine (MXE) 3000 product line. The bulletins clarify which Microsoft Security Bulletins should be applied to affected hardware and software levels of Cisco MXE 3000 products.