[SECURITY-L] [US-CERT em ncas.us-cert.gov: TA13-317A: Microsoft Updates for Multiple Vulnerabilities]
CSIRT - UNICAMP
security em unicamp.br
Seg Nov 18 11:48:32 -02 2013
----- Forwarded message from US-CERT <US-CERT em ncas.us-cert.gov> -----
Date: Sat, 16 Nov 2013 06:05:23 -0600
From: US-CERT <US-CERT em ncas.us-cert.gov>
To: security em unicamp.br
Subject: TA13-317A: Microsoft Updates for Multiple Vulnerabilities
NCCIC / US-CERT
National Cyber Awareness System:
TA13-317A: Microsoft Updates for Multiple Vulnerabilities [ https://www.us-cert.gov/ncas/alerts/TA13-317A ] 11/13/2013 07:12 AM EST
Original release date: November 13, 2013 | Last revised: November 16, 2013
Systems Affected
* Windows Operating System and Components
* Microsoft Office
* Internet Explorer
Overview
Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.
Description
The Microsoft Security Bulletin Summary for November 2013 [ http://technet.microsoft.com/en-us/security/bulletin/ms13-nov ] describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address these vulnerabilities. The November Security Bulletin includes a patch for the new “watering hole” campaign which utilizes a US-based website that specializes in domestic and international security policy.
Impact
These vulnerabilities could allow remote code execution, elevation of privilege, information disclosure or denial of service.
Solution
*Apply Updates*
Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for November 2013 [ http://technet.microsoft.com/en-us/security/bulletin/ms13-nov ], which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services [ http://www.us-cert.gov/redirect?url=http%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Fwsus%2Fdefault.aspx ] (WSUS). Home users are encouraged to enable automatic updates [ http://www.us-cert.gov/redirect?url=http%3A%2F%2Fwindows.microsoft.com%2Fen-us%2Fwindows-vista%2FTurn-automatic-updating-on-or-off ].
References
* Microsoft Security Bulletin Summary for November 2013 [ http://technet.microsoft.com/en-us/security/bulletin/ms13-nov ]
* Microsoft Windows Server Update Services [ http://technet.microsoft.com/en-us/windowsserver/bb332157.aspx ]
* Turn Automatic Updating On or Off [ http://windows.microsoft.com/en-us/windows/turn-automatic-updating-on-off#turn-automatic-updating-on-off=windows-vista ]
Revision History
* November 13, 2013: Initial Release
________________________________________________________________________
This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy & Use [ http://www.us-cert.gov/privacy/ ] policy.
________________________________________________________________________
OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ http://www.us-cert.gov/related-resources ]
STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]
SUBSCRIBER SERVICES:
Manage Preferences [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscribers/new?preferences=true ] | Unsubscribe [ https://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/one_click_unsubscribe?verification=5.6a6fc2cec2b9952ff27f6db27530aead&destination=security@unicamp.br ] | Help [ https://subscriberhelp.govdelivery.com/ ]
________________________________________________________________________
This email was sent to security em unicamp.br using GovDelivery, on behalf of: United States Computer Emergency Readiness Team (US-CERT) · 245 Murray Lane SW Bldg 410 · Washington, DC 20598 · (703) 235-5110 Powered by GovDelivery [ http://www.govdelivery.com/portals/powered-by ]
----- End forwarded message -----
Mais detalhes sobre a lista de discussão SECURITY-L