Microsoft Security Bulletin(s) for January 8 2013

Microsoft Security Bulletin(s) for January 8 2013
Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
http://technet.microsoft.com/en-us/security/bulletin/ms13-jan

Critical (2)
Microsoft Security Bulletin MS13-001
Vulnerability in Windows Print Spooler Components Could Allow Remote Code Execution (2769369)
http://go.microsoft.com/fwlink/?LinkId=273848

Microsoft Security Bulletin MS13-002
Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (2756145)
http://go.microsoft.com/fwlink/?LinkId=264923

Important (5)
Microsoft Security Bulletin MS13-003
Vulnerabilities in System Center Operations Manager Could Allow Elevation of Privilege (2748552)
http://go.microsoft.com/fwlink/?LinkId=261863

Microsoft Security Bulletin MS13-004
Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2769324)
http://go.microsoft.com/fwlink/?LinkId=268279

Microsoft Security Bulletin MS13-005
Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2778930)
http://go.microsoft.com/fwlink/?LinkId=273826

Microsoft Security Bulletin MS13-006
Vulnerability in Microsoft Windows Could Allow Security Feature Bypass (2785220)
http://go.microsoft.com/fwlink/?LinkId=273872

Microsoft Security Bulletin MS13-007 -
Vulnerability in Open Data Protocol Could Allow Denial of Service (2769327)
http://go.microsoft.com/fwlink/?LinkId=268284


Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

 

TechNet Webcast: Information About the January 2013 Security Bulletin Release

Event ID: 1032538623


Language(s): English.


Product(s): computer security and information security.


Audience(s): IT Decision Maker, IT Implem_IT Generalist and IT Manager.


Starts: Wednesday, January 09, 2013 11:00 AM
Time zone: (GMT-08:00) Pacific Time (US & Canada)
Duration: 1 hour(s)

Join us for a brief overview of the technical details of this month's Microsoft security bulletins. We intend to address your concerns in this webcast. Therefore, Microsoft security experts devote most of this webcast to answering the questions that you ask.


Presented by:

Dustin Childs, Group Manager, Response Communications, Microsoft Corporation

and

TBD




Register now for the January security bulletin webcast.

 

Out of band for IE security issue

 

Microsoft out-of-band security bulletin for January 2013
Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
http://technet.microsoft.com/en-us/security/bulletin/ms13-jan

Critical (1)

Security Update for Internet Explorer (2799329)

This security update resolves one publicly disclosed vulnerability in Internet Explorer. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
http://technet.microsoft.com/en-us/security/advisory/2794220


Important (0)


Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.