Jeff Alexander's Weblog

Microsoft Security Bulletin: May 2013 Release!

Jeffadude — Thu, 16 May 2013 07:07:51 GMT

Welcome to another security bulletin release. This month we have 10 security bulletin updates plus a firmware update for Surface RT and Surface Pro. The great thing about the new Surface Pro firmware update is we now support PXE booting with the Surface Pro Ethernet adapter. This will be great for enterprises to get a custom image on the device! Below is a table that outlines this month’s bulletins.

Bulletin ID	Bulletin Title and Executive Summary	Maximum Severity Rating & Vulnerability Impact	Restart Requirement	Affected Software
MS13-037	Cumulative Security Update for Internet Explorer This security update resolves eleven privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.	Critical Remote Code Execution	Requires restart	Microsoft Windows, Internet Explorer
MS13-038	Security Update for Internet Explorer This security update resolves one publicly disclosed vulnerability in Internet Explorer. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.	Critical Remote Code Execution	May require restart	Microsoft Windows, Internet Explorer
MS13-039	Vulnerability in HTTP.sys Could Allow Denial of Service This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker sends a specially crafted HTTP packet to an affected Windows server or client.	Important Denial of Service	Requires restart	Microsoft Windows
MS13-040	Vulnerabilities in .NET Framework Could Allow Spoofing This security update resolves one privately reported vulnerability and one publicly disclosed vulnerability in the .NET Framework. The more severe of the vulnerabilities could allow spoofing if a .NET application receives a specially crafted XML file. An attacker who successfully exploited the vulnerabilities could modify the contents of an XML file without invalidating the file's signature and could gain access to endpoint functions as if they were an authenticated user.	Important Spoofing	May require restart	Microsoft Windows, Microsoft .NET Framework
MS13-041	Vulnerability in Lync Could Allow Remote Code Execution This security update resolves a privately reported vulnerability in Microsoft Lync. The vulnerability could allow remote code execution if an attacker shares specially crafted content, such as a file or program, as a presentation in Lync or Communicator and then convinces a user to accept an invitation to view or share the presentable content. In all cases, an attacker would have no way to force users to view or share the attacker-controlled file or program. Instead, an attacker would have to convince users to take action, typically by getting them to accept an invitation in Lync or Communicator to view or share the presentable content.	Important Remote Code Execution	May require restart	Microsoft Lync
MS13-042	Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution This security update resolves eleven privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user open a specially crafted Publisher file with an affected version of Microsoft Publisher. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.	Important Remote Code Execution	May require restart	Microsoft Office
MS13-043	Vulnerability in Microsoft Word Could Allow Remote Code Execution This security update resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow code execution if a user opens a specially crafted file or previews a specially crafted email message in an affected version of Microsoft Office software. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.	Important Remote Code Execution	May require restart	Microsoft Office
MS13-044	Vulnerability in Microsoft Visio Could Allow Information Disclosure This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow information disclosure if a user opens a specially crafted Visio file. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce information that could be used to try to further compromise an affected system.	Important Information Disclosure	May require restart	Microsoft Office
MS13-045	Vulnerability in Windows Essentials Could Allow Information Disclosure This security update resolves a privately reported vulnerability in Windows Essentials. The vulnerability could allow information disclosure if a user opens Windows Writer using a specially crafted URL. An attacker who successfully exploited the vulnerability could override Windows Writer proxy settings and overwrite files accessible to the user on the target system. In a web-based attack scenario, a website could contain a specially crafted link that is used to exploit this vulnerability. An attacker would have to convince users to visit the website and open the specially crafted link.	Important Information Disclosure	May require restart	Microsoft Windows Essentials
MS13-046	Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege This security update resolves three privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities.	Important Elevation of Privilege	Requires restart	Microsoft Windows

That’s about it guys. Make sure you apply these updates where appropriate.

Jeffa

Technorati Tags: Patching,Updates,WSUS

TechEd Australia 2013: Call for Topics is Live!

Jeffadude — Wed, 15 May 2013 02:43:26 GMT

Welcome to my first email regarding TechEd Australia 2013! This year I’m looking after content again and today I like to announce that call for topics is now open for submissions. This is the first of many milestones on the journey to this event in September. I believe good content is what makes an event such as TechEd possible and we rely on the expertise and creativity of our speakers to make a successful event.

So please submit your sessions using the Call for Topics tool at: http://techedau.cft.hubb.me

Every year at TechEd we have a theme and this year is no different. Last year was a huge launch year so we focused mainly on all the new products such as Windows Server 2012 and Windows 8. This year it’s about getting those products deployed and developing great apps for Windows 8 and Windows Phone. With in mind we are focusing on 2 broad themes.

Developing Windows 8 and Windows Phone apps
Deployment of Windows Server 2012, System Center 2012 SP1, Windows 8 and Office 2013
Building apps for Windows 8

With that in mind we have reduced the number of tracks down to 9 this year. Below are a list of the tracks we will have this year.

Architecture and trustworthy Computing
Windows Azure Application Development
Data Platform and Business Intelligence
Developer Tools & Application Lifecycle Management (ALM)
Office, Office 365 and SharePoint
Modern Datacenter
Exchange and Lync
Windows Client, Access & Management
Windows Phone

Now you may notice the absence of tracks that we have had in the past. We have consolidated the Windows Server, Virtualization and Management tracks into the Modern Datacenter track. So if you are submitting sessions on those topics then submit them to the Modern Datacenter track.

The Call for Topics tool is open from today; May 15th 2013 until Monday June 17th 2013. Get those creative juices going and start submitting sessions. When you are submitting sessions please keep the following in mind:

To enhance the success of your session submission, please prepare your content to ensure it provides TechEd attendees with comprehensive technical readiness to inspire and succeed in their career. Your content should also align to meet the content themes for TechEd 2013, which are:

For Developers: TechEd is the place to get ready to create Windows 8 and Windows Phone Apps.

For IT Professionals: TechEd will provide an accelerated path to the skills they need to for deployment of Windows 8, Windows Server 2012, System Center 2012, Office 2013 and the Hybrid cloud.

Submissions that compliment the TechEd 2013 content themes will be recognized throughout the approval process.

Below are some additional tips for a successful submission:

Abstracts should be limited to 300 words
Be sure to showcase your speaking experience
A succinct and descriptive session title is a must to engage attendees and should match the delivered content 100%
Session objectives should indicate clearly what a delegate will gain from attending the session
Build your presentations with 60-65 mins of content and allow 10-15 mins for Q&A
TechEd is about technical readiness so focus on the technology and ensure there is no blatant marketing in your content

Good luck with your submissions and we look forward to see some great sessions submitted!

Jeffa

Technorati Tags: TechEd Australia,Call for Topics,CFT

The new Nokia Lumia 925!

Jeffadude — Tue, 14 May 2013 23:33:09 GMT

Damn and I just got a new Lumia 920! Click here to watch the press release of the new Lumia.

Jeffa

Technorati Tags: Lumia,Windows Phone

Windows Azure Active Directory Cartoon!

Jeffadude — Tue, 07 May 2013 01:15:22 GMT

I found this really cool animation the other day that is great at explaining exactly what Windows Azure AD is and how it’s different to on premise Active Directory that we have all been familiar with for years.

Jeffa

Technorati Tags: Azure,Cloud,Azure AD

Acer Aspire R7: A Notebook designed for touch….

Jeffadude — Mon, 06 May 2013 03:00:13 GMT

I don’t normally post marketing ads but this is too cool not to share! I’m not sure about where they put the trackpad on this thing though..

Jeffa

Technorati Tags: Touch,Windows 8

Make the Switch: New Windows Phone Ad!

Jeffadude — Tue, 30 Apr 2013 04:06:17 GMT

The recently released Windows Phone add made me laugh. Worth a look!

Jeffa

Technorati Tags: Windows Phone,Nokia,Lumia

Microsoft Security Bulletin: April 2013 Release!

Jeffadude — Wed, 10 Apr 2013 00:19:03 GMT

Welcome to another security bulletin update! This month we have 9 bulletins and I have posted the details below. Make sure you consider these in your environments and update where appropriate. And if you have a Surface RT device there is another update available to improve Wi-Fi reliability.

MS13-028 - Cumulative Security Update for Internet Explorer (2817183)

This security update resolves two privately reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Maximum Severity Rating - Critical
Vulnerability Impact - Remote Code Execution
Restart Requirement - Requires restart
Affected Software - Microsoft Windows, Internet Explorer

MS13-029 - Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2828223)

This security update resolves a privately reported vulnerability in Windows Remote Desktop Client. The vulnerability could allow remote code execution if a user views a specially crafted webpage. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Maximum Severity Rating - Critical
Vulnerability Impact - Remote Code Execution
Restart Requirement - May require restart
Affected Software - Microsoft Windows

MS13-030 - Vulnerability in SharePoint Could Allow Information Disclosure (2827663)

This security update resolves a publicly disclosed vulnerability in Microsoft SharePoint Server. The vulnerability could allow information disclosure if an attacker determined the address or location of a specific SharePoint list and gained access to the SharePoint site where the list is maintained. The attacker would need to be able to satisfy the SharePoint site's authentication requests to exploit this vulnerability.

Maximum Severity Rating - Important
Vulnerability Impact - Information Disclosure
Restart Requirement - May require restart
Affected Software - Microsoft Office, Microsoft Server Software

MS13-031 - Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2813170)

This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities.

Maximum Severity Rating - Important
Vulnerability Impact - Elevation of Privilege
Restart Requirement - Requires restart
Affected Software - Microsoft Windows

MS13-032 - Vulnerability in Active Directory Could Lead to Denial of Service (2830914)

This security update resolves a privately reported vulnerability in Active Directory. The vulnerability could allow denial of service if an attacker sends a specially crafted query to the Lightweight Directory Access Protocol (LDAP) service.

Maximum Severity Rating - Important
Vulnerability Impact - Denial of Service
Restart Requirement - Requires restart
Affected Software - Microsoft Windows

MS13-033 - Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege (2820917)

This security update resolves a privately reported vulnerability in all supported editions of Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008. The vulnerability could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.

Maximum Severity Rating - Important
Vulnerability Impact - Elevation of Privilege
Restart Requirement - Requires restart
Affected Software - Microsoft Windows

MS13-034 - Vulnerability in Microsoft Antimalware Client Could Allow Elevation of Privilege (2823482)

This security update resolves a privately reported vulnerability in the Microsoft Antimalware Client. The vulnerability could allow elevation of privilege due to the pathnames used by the Microsoft Antimalware Client. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have valid logon credentials to exploit this vulnerability. The vulnerability could not be exploited by anonymous users.

Maximum Severity Rating - Important
Vulnerability Impact - Elevation of Privilege
Restart Requirement - Requires restart
Affected Software - Microsoft Security Software

MS13-035 - Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2821818)

This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow elevation of privilege if an attacker sends specially crafted content to a user.

Maximum Severity Rating - Important
Vulnerability Impact - Elevation of Privilege
Restart Requirement - May require restart
Affected Software - Microsoft Office, Microsoft Server Software

MS13-036 - Vulnerabilities in Kernel-Mode Driver Could Allow Elevation Of Privilege (2829996)

This security update resolves three privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft Windows. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the most severe vulnerabilities.

Maximum Severity Rating - Important
Vulnerability Impact - Elevation of Privilege
Restart Requirement - Requires restart
Affected Software - Microsoft Windows

Go forth an update!

Jeffa

Technorati Tags: Update,Patching,Security

MMS 2013: Opening Keynote Video

Jeffadude — Mon, 08 Apr 2013 23:27:16 GMT

Below is the opening video that was shown at MMS 2013 in case you missed it! Pretty cool…

And if you want to watch the opening keynote and other sessions you can watch them on Channel 9’s MMS page.

Jeffa

Technorati Tags: MMS2013,Management

The Surface Pro Datacenter Video!

Jeffadude — Thu, 14 Mar 2013 00:30:50 GMT

This video was way too good not to share. Four geeks over at the Building Clouds blog took 4 Surface Pro devices and created a table top datacentre running Windows Server 2012 and Hyper-V. And they live migrated a few VM’s over Wi-Fi between the 4 Surface Pro devices. Awesome way to kill a couple of hours!! Plus all the video was shot using a Nokia Lumia 920!

Jeffa

Technorati Tags: Surface Pro,Surface,Hyper-V

Microsoft Security Bulletin: March 2013 Release

Jeffadude — Wed, 13 Mar 2013 02:39:18 GMT

This month is pretty busy in the updates arena so make sure you check out the details below. Plus this month there is an update for IE 10 to fully support flash as reported on the IE blog earlier this week. And if you have a Surface RT device there is another firmware update as well.

MS13-021- Cumulative Security Update for Internet Explorer (2809289)

This security update resolves eight privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Maximum Severity Rating - Critical
Vulnerability Impact - Remote Code Execution
Restart Requirement - Requires restart
Affected Software - Microsoft Windows, Internet Explorer

MS13-022 - Vulnerability in Silverlight Could Allow Remote Code Execution (2814124)

This security update resolves a privately reported vulnerability in Microsoft Silverlight. The vulnerability could allow remote code execution if an attacker hosts a website that contains a specially crafted Silverlight application that could exploit this vulnerability and then convinces a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. Such websites could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit a website. Instead, an attacker would have to convince users to visit a website, typically by getting them to click a link in an email message or in an Instant Messenger message that takes them to the attacker's website. It could also be possible to display specially crafted web content by using banner advertisements or by using other methods to deliver web content to affected systems.

Maximum Severity Rating - Critical
Vulnerability Impact - Remote Code Execution
Restart Requirement - Requires restart
Affected Software - Microsoft Silverlight

MS13-023 - Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2801261)

This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Maximum Severity Rating - Critical
Vulnerability Impact - Remote Code Execution
Restart Requirement - Requires restart
Affected Software – Microsoft Office

MS13-024 - Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2780176)

This security update resolves four privately reported vulnerabilities in Microsoft SharePoint and Microsoft SharePoint Foundation. The most severe vulnerabilities could allow elevation of privilege if a user clicks a specially crafted URL that takes the user to a targeted SharePoint site.

Maximum Severity Rating - Critical
Vulnerability Impact - Remote Code Execution
Restart Requirement - Requires restart
Affected Software – Microsoft Office, Microsoft Server Software

MS13-025 - Vulnerability in Microsoft OneNote Could Allow Information Disclosure (2816264)

This security update resolves a privately reported vulnerability in Microsoft OneNote. The vulnerability could allow information disclosure if an attacker convinces a user to open a specially crafted OneNote file.

Maximum Severity Rating - Important
Vulnerability Impact - Information Disclosure
Restart Requirement - May require restart
Affected Software - Microsoft Office

MS13-026 - Vulnerability in Office Outlook for Mac Could Allow Information Disclosure (2813682)

This security update resolves one privately reported vulnerability in Microsoft Office for Mac. The vulnerability could allow information disclosure if a user opens a specially crafted email message.

Maximum Severity Rating - Important
Vulnerability Impact - Information Disclosure
Restart Requirement - Does not require restart
Affected Software - Microsoft Office

MS13-027 - Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege (2807986)

This security update resolves three privately reported vulnerabilities in Microsoft Windows. These vulnerabilities could allow elevation of privilege if an attacker gains access to a system.

Maximum Severity Rating - Important
Vulnerability Impact - Elevation of Privilege
Restart Requirement - Requires restart
Affected Software - Microsoft Windows

Get Patching!

Jeffa

Technorati Tags: Updating,Patching,WSUS