Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    November 2013
    S M T W T F S
    « Oct   Dec »
     12
    3456789
    10111213141516
    17181920212223
    24252627282930
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for November 12th, 2013




    Patch-Tuesday_grayIt’s Patch Tuesday again, and Microsoft has served up eight bulletins this month, three of them rated Critical. One of the three critical bulletins – MS13-090 – deserves special mention, as it fixes a zero-day vulnerability (CVE-2013-3918) found just last week in an Internet Explorer ActiveX control. Separately, IE itself fixed ten vulnerabilities as part of MS13-088.

    It’s worth noting that another recent TIFF-related zero-day that we discussed has not been patched as part of this month’s update, so the recommendations and work-arounds that were suggested at that time remain in effect.

    We strongly urge all users to apply these updates as soon as possible. Trend Micro users may also use the following Deep Security rules to protect themselves from threats exploiting these patched vulnerabilities.

    • 1005705 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3871)
    • 1005784 Internet Explorer Information Disclosure Vulnerability (CVE-2013-3908)
    • 1005778 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3910)
    • 1005781 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3911)
    • 1005782 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3912)
    • 1005774 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3914)
    • 1005775 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3915)
    • 1005777 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3916)
    • 1005773 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3917)
    • 1005783 Microsoft Windows Graphics Device Interface Integer Overflow Vulnerability (CVE-2013-3940)
    • 1005779 Microsoft Internet Explorer ActiveX Control Code Execution Vulnerability (CVE-2013-3918)
    • 1005785 Restrict Information Card Signin Helper ActiveX Control
     
    Posted in Vulnerabilities | Comments Off


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice