From security em unicamp.br Wed Jun 12 11:20:49 2013
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Wed, 12 Jun 2013 14:20:49 +0000
Subject: [SECURITY-L] CAIS-Alerta: Summary of Microsoft Security Bulletins - June/2013
Message-ID: <20130612142049.GB55483@unicamp.br>

----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca -----

From: Centro de Atendimento a Incidentes de Seguranca
Subject: CAIS-Alerta: Summary of Microsoft Security Bulletins - June/2013
To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br
Date: Tue, 11 Jun 2013 17:10:50 -0300 (BRT)

-----BEGIN PGP SIGNED MESSAGE-----

Dear all,

On 11 June 2013 Microsoft published 5 security bulletins that together address 22 vulnerabilities in the company's products. Exploitation of these vulnerabilities allows remote code execution, denial of service and elevation of privilege, among other impacts.

As of the publication of this alert, no exploit code had been released for the vulnerabilities listed.

SEVERITY

. Critical
- MS13-047 - Cumulative Security Update for Internet Explorer

. Important
- MS13-048 - Vulnerabilities in Windows Kernel Could Allow Information Disclosure
- MS13-049 - Vulnerability in Kernel-Mode Driver Could Allow Denial of Service
- MS13-050 - Vulnerabilities in Windows Print Spooler Components Could Allow Elevation of Privilege
- MS13-051 - Vulnerability in Microsoft Office Could Allow Remote Code Execution

. Moderate
- No bulletins

. Low
- No bulletins

The vulnerability severity rating system used by CAIS in this summary is Microsoft's own. CAIS recommends applying, at a minimum, the fixes for vulnerabilities rated Critical and Important. For fixes to vulnerabilities rated Moderate, CAIS recommends that at least the mitigation recommendations be followed.
. Critical - Vulnerabilities whose exploitation could allow the propagation of a worm without any user interaction.
. Important - Vulnerabilities whose exploitation could result in the compromise of the confidentiality, integrity or availability of user data, or of the integrity or availability of processing resources.
. Moderate - Exploitation is significantly mitigated by factors such as default configuration, auditing or difficulty of exploitation.
. Low - A vulnerability whose exploitation is extremely difficult or whose impact is minimal.

AVAILABLE FIXES

It is recommended that systems be updated to the versions available at:

. Microsoft Update
https://www.update.microsoft.com/microsoftupdate/

. Microsoft Download Center
http://www.microsoft.com/pt-br/download/security.aspx

MORE INFORMATION

. Microsoft Security Bulletin Summary for June 2013
http://technet.microsoft.com/pt-br/security/bulletin/ms13-jun

. Microsoft Security TechCenter
http://technet.microsoft.com/pt-br/security/

. Microsoft Security Response Center - MSRC
http://www.microsoft.com/security/msrc/

. Microsoft Security Research & Defense - MSRD
http://blogs.technet.com/srd/

. Microsoft Protection and Security Center
http://www.microsoft.com/brasil/security/

CVE identifiers (http://cve.mitre.org):
CVE-2013-3110, CVE-2013-3111, CVE-2013-3112, CVE-2013-3113, CVE-2013-3114, CVE-2013-3116, CVE-2013-3117, CVE-2013-3118, CVE-2013-3119, CVE-2013-3120, CVE-2013-3121, CVE-2013-3122, CVE-2013-3123, CVE-2013-3124, CVE-2013-3125, CVE-2013-3139, CVE-2013-3141, CVE-2013-3142, CVE-2013-3136, CVE-2013-3138, CVE-2013-1339, CVE-2013-1331

CAIS recommends that administrators keep their systems and applications up to date at all times, with the latest versions and fixes offered by the vendors.
CAIS Alerts are also offered in RSS/RDF format and on Twitter:
http://www.rnp.br/cais/alertas/rss.xml
Follow @caisrnp

Regards,

CAIS/RNP Team

################################################################
# CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS)       #
# Rede Nacional de Ensino e Pesquisa (RNP)                     #
#                                                              #
# cais em cais.rnp.br            http://www.cais.rnp.br        #
# Tel. 019-37873300            Fax. 019-37873301               #
# PGP key available at http://www.rnp.br/cais/cais-pgp.key     #
################################################################

----- End forwarded message -----

From security em unicamp.br Tue Jun 18 13:22:58 2013
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Tue, 18 Jun 2013 16:22:58 +0000
Subject: [SECURITY-L] [US-CERT@public.govdelivery.com: TA13-168A: Microsoft Updates for Multiple Vulnerabilities]
Message-ID: <20130618162258.GC3959@unicamp.br>

----- Forwarded message from US-CERT -----

From: "US-CERT"
Subject: TA13-168A: Microsoft Updates for Multiple Vulnerabilities
To: security em unicamp.br
Date: Tue, 18 Jun 2013 11:17:23 -0500

National Cyber Awareness System:

TA13-168A: Microsoft Updates for Multiple Vulnerabilities
[ https://www.us-cert.gov/ncas/alerts/TA13-168A ]
06/17/2013 11:00 AM EDT

Original release date: June 17, 2013 | Last revised: June 18, 2013

Systems Affected

* Microsoft Windows
* Microsoft Internet Explorer
* Microsoft Office

Overview

Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.
Description

The Microsoft Security Bulletin Summary for June 2013 [ http://technet.microsoft.com/en-us/security/bulletin/ms13-jun ] describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address these vulnerabilities.

Impact

These vulnerabilities could allow remote code execution, information disclosure, denial of service, or elevation of privilege.

Solution

*Apply Updates*

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for June 2013 [ http://technet.microsoft.com/en-us/security/bulletin/ms13-jun ], which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services [ http://www.us-cert.gov/redirect?url=http%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Fwsus%2Fdefault.aspx ] (WSUS). Home users are encouraged to enable automatic updates [ http://www.us-cert.gov/redirect?url=http%3A%2F%2Fwindows.microsoft.com%2Fen-us%2Fwindows-vista%2FTurn-automatic-updating-on-or-off ].

References

* Microsoft Security Bulletin Summary for June 2013 [ http://www.us-cert.gov/redirect?url=http%3A//technet.microsoft.com/en-us/security/bulletin/ms13-jun ]
* Microsoft Windows Server Update Services [ http://www.us-cert.gov/redirect?url=http%3A//technet.microsoft.com/en-us/windowsserver/bb332157.aspx ]
* Turn Automatic Updating On or Off [ http://www.us-cert.gov/redirect?url=http%3A//windows.microsoft.com/en-us/windows-vista/Turn-automatic-updating-on-or-off ]

Revision History

* Initial Release

________________________________________________________________________

This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy & Use [ http://www.us-cert.gov/privacy/ ] policy.
________________________________________________________________________

OTHER RESOURCES:
Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ http://www.us-cert.gov/related-resources ]

STAY CONNECTED:
Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]

SUBSCRIBER SERVICES:
Manage Preferences [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscribers/new?preferences=true ] | Unsubscribe [ https://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/one_click_unsubscribe?verification=5.6a6fc2cec2b9952ff27f6db27530aead&destination=security em unicamp.br ] | Help

________________________________________________________________________

This email was sent to security em unicamp.br using GovDelivery, on behalf of: United States Computer Emergency Readiness Team (US-CERT) · 245 Murray Lane SW Bldg 410 · Washington, DC 20598 · (703) 235-5110

Powered by GovDelivery [ http://www.govdelivery.com/portals/powered-by ]

----- End forwarded message -----

From security em unicamp.br Wed Jun 19 12:52:21 2013
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Wed, 19 Jun 2013 15:52:21 +0000
Subject: [SECURITY-L] [US-CERT@public.govdelivery.com: TA13-169A: Oracle Releases Updates for Javadoc and Other Java SE Vulnerabilities]
Message-ID: <20130619155221.GC15220@unicamp.br>

----- Forwarded message from US-CERT -----

From: "US-CERT"
Subject: TA13-169A: Oracle Releases Updates for Javadoc and Other Java SE Vulnerabilities
To: security em unicamp.br
Date: Wed, 19 Jun 2013 10:45:54 -0500

National Cyber Awareness System:

TA13-169A: Oracle Releases Updates for Javadoc and Other Java SE Vulnerabilities
[ https://www.us-cert.gov/ncas/alerts/TA13-169A ]
06/18/2013 04:37 PM EDT

Original release date: June 18, 2013 | Last revised: June 19, 2013
Systems Affected

Any system using Oracle Java including

* JDK and JRE 7 Update 21 and earlier
* JDK and JRE 6 Update 45 and earlier
* JDK and JRE 5.0 Update 45 and earlier
* JavaFX 2.2.21 and earlier

Website owners that host Javadoc HTML API documentation

Overview

Oracle released the June 2013 Critical Patch Update for Oracle Java SE [ http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html ]. This patch contains 40 new security fixes across Java SE products and a fix to the Javadoc Tool [ http://www.oracle.com/technetwork/java/javase/documentation/index-jsp-135444.html ]. API documentation in HTML format generated by the Javadoc tool that contains a right frame may be vulnerable to frame injection when hosted on a web server.

Description

Oracle's June Critical Patch Update includes a fix to the Javadoc Tool [ http://www.oracle.com/technetwork/java/javase/documentation/index-jsp-135444.html ]. API documentation in HTML format generated by the Javadoc tool that contains a right frame may be vulnerable to frame injection when hosted on a web server. Additional information can be found in CERT Vulnerability Report VU#225657 [ http://www.kb.cert.org/vuls/id/225657 ].

It is recommended that sites hosting such pages re-generate the API documentation using the latest Javadoc tool and replace the current pages with the re-generated Javadoc output. In cases where regenerating API documentation is not feasible, a Java API Documentation Updater Tool that updates API documentation "in place" is available on Oracle's Java SE Downloads page [ http://www.oracle.com/technetwork/java/javase/downloads/index.html ].

Impact

An attacker can cause one of the frames within a Javadoc-generated web page to be replaced with a malicious page. This vulnerability could be used for phishing or social engineering, or it could be used for browser exploitation if combined with another browser-related vulnerability.
Solution

*Apply Updates*

Oracle has released the June 2013 Java Critical Patch Update [ http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html ] to address this vulnerability. Oracle Java Development Toolkit (JDK) and Javadoc users are advised to apply the June 2013 Java Critical Patch Update [ http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html ] and regenerate and republish affected Javadoc HTML pages.

*Fix-in-Place Tool*

Oracle has released a fix-in-place tool named Java API Documentation Updater Tool [ http://www.oracle.com/technetwork/java/javase/documentation/index-jsp-135444.html ]. This fix-in-place tool can process directories or folders to search for HTML files to be remediated without having to regenerate existing Javadocs. When presented directories/folders and their sub-directories or sub-folders, the Java API Documentation Updater Tool [ http://www.oracle.com/technetwork/java/javase/documentation/index-jsp-135444.html ] will search for files with the following names:

* index.htm
* index.html
* toc.htm
* toc.html

For each file that matches the names noted above, the Java API Documentation Updater Tool [ http://www.oracle.com/technetwork/java/javase/documentation/index-jsp-135444.html ] will search the file for the affected JavaScript text and replace it with the remediated version. Note that this tool will not detect Javadoc pages that have been renamed to something other than one of the above page names.
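As an added inventory check (not part of the US-CERT advisory and not Oracle's tool), the following Python script walks a Javadoc output tree and separates frame-bearing pages that carry one of the four file names the Updater Tool searches for from pages that were renamed and therefore need regeneration with the patched javadoc instead. Beyond what the advisory states, it assumes that the affected right-frame pages are frameset pages detectable by a <frameset> tag and that the tool's name match is case-insensitive; the sample tree it scans is constructed inline.

```python
import os
import re

# File names the Java API Documentation Updater Tool searches for (from the advisory).
UPDATER_TOOL_NAMES = {"index.htm", "index.html", "toc.htm", "toc.html"}
# Assumption (not from the advisory): the affected right-frame pages are frameset
# pages, so a <frameset> tag is used here as the marker for "frame-bearing".
FRAMESET_RE = re.compile(r"<frameset\b", re.IGNORECASE)


def classify_javadoc_tree(root: str) -> dict[str, list[str]]:
    """Sort frame-bearing HTML pages under `root` into those the Updater Tool would
    process ("tool_covered") and those it would skip because they were renamed
    ("renamed"); the latter must be regenerated with the patched javadoc instead."""
    found: dict[str, list[str]] = {"tool_covered": [], "renamed": []}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            if not fname.lower().endswith((".htm", ".html")):
                continue
            path = os.path.join(dirpath, fname)
            with open(path, encoding="utf-8", errors="replace") as fh:
                if not FRAMESET_RE.search(fh.read()):
                    continue  # no frames, so outside the scope of the frame injection fix
            # Name match is case-insensitive here (an assumption about the tool).
            key = "tool_covered" if fname.lower() in UPDATER_TOOL_NAMES else "renamed"
            found[key].append(os.path.relpath(path, root).replace(os.sep, "/"))
    for paths in found.values():
        paths.sort()
    return found


# Constructed sample pages: a minimal Javadoc-style frameset page and a plain page.
FRAME_PAGE = ('<html><head><title>constructed sample</title></head><frameset cols="20%,80%">'
              '<frame src="overview-frame.html" name="packageListFrame">'
              '<frame src="overview-summary.html" name="classFrame"></frameset></html>\n')
PLAIN_PAGE = "<html><body><h1>constructed sample without frames</h1></body></html>\n"


def build_sample_tree(base: str) -> str:
    """Write a small constructed Javadoc-like tree under `base`; returns its root."""
    root = os.path.join(base, "apidocs")
    samples = {"index.html": FRAME_PAGE,              # covered by the tool
               "legacy/toc.htm": FRAME_PAGE,          # covered, in a sub-directory
               "legacy/frames-old.html": FRAME_PAGE,  # renamed: the tool would miss it
               "overview-summary.html": PLAIN_PAGE}   # no frameset: not in scope
    for rel, body in samples.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)
    return root
```

Run `classify_javadoc_tree` against a real documentation root to get the list of pages to regenerate by hand after the tool has been run; anything under "renamed" is exactly the case the advisory warns the tool will not detect.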
References

* Oracle Java SE Critical Patch Update Announcement - June 2013 [ http://www.us-cert.gov/ncas/current-activity/2013/06/18/Oracle-Java-SE-Critical-Patch-Update-Announcement-June-2013 ]
* Vulnerability Note VU#225657 [ http://www.kb.cert.org/vuls/id/225657 ]
* Oracle Java SE Critical Patch Update Advisory - June 2013 [ http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html ]
* CVE-2013-1571 [ http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1571 ]
* Javadoc Tool [ http://www.oracle.com/technetwork/java/javase/documentation/index-jsp-135444.html ]

Revision History

* Initial Release

________________________________________________________________________

This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy & Use [ http://www.us-cert.gov/privacy/ ] policy.

----- End forwarded message -----