June 2013

 

June 2013 Security Bulletin Webcast Q&A

 

Hosts:                Andrew Gross, Senior Security Program Manager

                          Dustin Childs, Group Manager, Response Communications

Website:         TechNet/Security

Chat Topic:     June 2013 Security Bulletin Release
Date:              
Wednesday, June 12, 2013

 

 

Q:  Regarding Security Advisory 2854544, has Microsoft expanded this update to include Enterprise Customers?

A: This functionality was included in the latest versions of Windows Server.  Microsoft has now updated other versions of Windows Vista and newer with the same functionality.

 

Q: The vulnerability found in Windows Print Spooler (MS13-050), can an attack be carried out without customer interaction?

A: Customer interaction is required to carry out this attack.

 

Q: Is Microsoft Outlook 2003 affected by the vulnerability in Microsoft Office (MS13-051)?

A: Microsoft Outlook is not directly affected unless Microsoft Word is the selected email reader. By default, Outlook 2003 does not use Word as the email reader. However, customers should apply all security updates provided in the June 2013 bulletin release to help ensure they are protected.

 

Q: Regarding the SRD blog about disabling Java, is the Microsoft Fix it able to be run by non-Admins?  Does it disable Java at a user-level in Internet Explorer, or system level?  The SRD blog did not contain these details.

A: To install the Java Fix it, a user would need admin privileges.  After the Fix it is installed, it will work for all users and administrators.