Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft’s January 2013 Out-of-Band Security Bulletin Jonathan Ness Security Development Manager.

Published byClare Bailey Modified over 8 years ago

Similar presentations

Presentation on theme: "Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft’s January 2013 Out-of-Band Security Bulletin Jonathan Ness Security Development Manager."— Presentation transcript:

1 Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft’s January 2013 Out-of-Band Security Bulletin Jonathan Ness Security Development Manager Microsoft Corporation Dustin Childs Group Manager, Response Communications Microsoft Corporation

2 Dial In Number 1-877-593-2001 Pin: 3959 What We Will Cover Review of the January 2013 Bulletin Out-Of-Band release information for Security Bulletin MS13-008.Review of the January 2013 Bulletin Out-Of-Band release information for Security Bulletin MS13-008. Resources.Resources. Questions and answers: Please Submit Now.Questions and answers: Please Submit Now.

3 Dial In Number 1-877-593-2001 Pin: 3959 Severity & Deployment Priority Exploitability Index 1 RISK 2 3 DP 1 Severity CRIT IMPACT IMPORT MOD LOW MS13-008 InternetExplorer

4 Dial In Number 1-877-593-2001 Pin: 3959 MS13-008: Security Update for Internet Explorer (2799329) CVESeverity Exploitability CommentNote Latest Software Older Versions CVE-2012-4792Critical11 Remote Code Execution Publicly disclosed Affected Products Internet Explorer 6, 7, and 8 on all supported versions of Windows Client Internet Explorer 6, 7, and 8 on all supported versions of Windows Server Affected Components Internet Explorer Deployment Priority 1 Main Target Workstations Possible Attack Vectors An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer.An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer. An attacker could also take advantage of compromised websites and websites that accept or host user- provided content or advertisements.An attacker could also take advantage of compromised websites and websites that accept or host user- provided content or advertisements. Impact of Attack An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Mitigating Factors By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML email messages in the Restricted sites zone.By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML email messages in the Restricted sites zone. By default, Internet Explorer on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, and Windows Server 2012 runs in a restricted mode that is known as Enhanced Security Configuration.By default, Internet Explorer on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, and Windows Server 2012 runs in a restricted mode that is known as Enhanced Security Configuration. An attacker would have no way to force users to view the attacker-controlled content.An attacker would have no way to force users to view the attacker-controlled content. Additional Information This vulnerability was first described in Microsoft Security Advisory 2794220. This update fully deprecates Security Advisory 2794220.This vulnerability was first described in Microsoft Security Advisory 2794220. This update fully deprecates Security Advisory 2794220.Security Advisory 2794220 Security Advisory 2794220Security Advisory 2794220 Security Advisory 2794220 Internet Explorer 9 and 10 are not affected by this vulnerability.Internet Explorer 9 and 10 are not affected by this vulnerability. Customers must have installed the last IE Cumulative Update (MS12-077) prior to installing this update,Customers must have installed the last IE Cumulative Update (MS12-077) prior to installing this update,MS12-077

5 Dial In Number 1-877-593-2001 Pin: 3959 Detection, Deployment, & Additional Information

6 Dial In Number 1-877-593-2001 Pin: 3959 Questions and Answers Submit text questions using the “Ask” button.Submit text questions using the “Ask” button. Don’t forget to fill out the survey.Don’t forget to fill out the survey. A recording of this webcast will be available within 48 hours on the MSRC Blog: http://www.microsoft.com/msrcblogA recording of this webcast will be available within 48 hours on the MSRC Blog: http://www.microsoft.com/msrcblog http://www.microsoft.com/msrcblog Register for next month’s webcast at: http://microsoft.com/technet/security/current.aspxRegister for next month’s webcast at: http://microsoft.com/technet/security/current.aspx http://microsoft.com/technet/security/current.aspx

7 Dial In Number 1-877-593-2001 Pin: 3959 Resources Blogs Microsoft Security Response Center (MSRC) blog: www.blogs.technet.com/msrcMicrosoft Security Response Center (MSRC) blog: www.blogs.technet.com/msrc www.blogs.technet.com/msrc Security Research & Defense blog: http://blogs.technet.com/srdSecurity Research & Defense blog: http://blogs.technet.com/srd http://blogs.technet.com/srd Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/Microsoft Malware Protection Center Blog: http://blogs.technet.com/mmpc/ http://blogs.technet.com/mmpc/ Twitter @MSFTSecResponse@MSFTSecResponse Security Centers Microsoft Security Home Page: www.microsoft.com/securityMicrosoft Security Home Page: www.microsoft.com/security www.microsoft.com/security TechNet Security Center: www.microsoft.com/technet/securityTechNet Security Center: www.microsoft.com/technet/security www.microsoft.com/technet/security MSDN Security Developer Center: http://msdn.microsoft.com/en- us/security/default.aspxMSDN Security Developer Center: http://msdn.microsoft.com/en- us/security/default.aspx http://msdn.microsoft.com/en- us/security/default.aspx http://msdn.microsoft.com/en- us/security/default.aspx Bulletins, Advisories, Notifications & Newsletters Security Bulletins Summary: www.microsoft.com/technet/security/bulletin/summ ary.mspxSecurity Bulletins Summary: www.microsoft.com/technet/security/bulletin/summ ary.mspx www.microsoft.com/technet/security/bulletin/summ ary.mspx www.microsoft.com/technet/security/bulletin/summ ary.mspx Security Bulletins Search: www.microsoft.com/technet/security/current.aspxSecurity Bulletins Search: www.microsoft.com/technet/security/current.aspx www.microsoft.com/technet/security/current.aspx Security Advisories: www.microsoft.com/technet/security/advisory/Security Advisories: www.microsoft.com/technet/security/advisory/ www.microsoft.com/technet/security/advisory/ Microsoft Technical Security Notifications: www.microsoft.com/technet/security/bulletin/notify. mspxMicrosoft Technical Security Notifications: www.microsoft.com/technet/security/bulletin/notify. mspx www.microsoft.com/technet/security/bulletin/notify. mspx www.microsoft.com/technet/security/bulletin/notify. mspx Microsoft Security Newsletter: www.microsoft.com/technet/security/secnewsMicrosoft Security Newsletter: www.microsoft.com/technet/security/secnews www.microsoft.com/technet/security/secnews Other Resources Update Management Process http://www.microsoft.com/technet/security/guidanc e/patchmanagement/secmod193.mspxUpdate Management Process http://www.microsoft.com/technet/security/guidanc e/patchmanagement/secmod193.mspx http://www.microsoft.com/technet/security/guidanc e/patchmanagement/secmod193.mspx http://www.microsoft.com/technet/security/guidanc e/patchmanagement/secmod193.mspx Microsoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/part ners.mspxMicrosoft Active Protection Program Partners: http://www.microsoft.com/security/msrc/mapp/part ners.mspx http://www.microsoft.com/security/msrc/mapp/part ners.mspx http://www.microsoft.com/security/msrc/mapp/part ners.mspx

8 Dial In Number 1-877-593-2001 Pin: 3959

Download ppt "Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft’s January 2013 Out-of-Band Security Bulletin Jonathan Ness Security Development Manager."

Similar presentations

Patch Management Patch Management in a Windows based environment

Patch Management Patch Management in a Windows based environment
Dial In Number 1-877-593-2001 Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft.

Dial In Number Pin: 3959 Information About Microsoft September 21, 2012 Security Bulletin Jeremy Tinder Security Program Manager Microsoft.
Desktop Value - Introducing Windows XP Service Pack 2 with Advanced Security Technologies Presenter: James K. Murray Title: Information Technologies Consultant.

Desktop Value - Introducing Windows XP Service Pack 2 with Advanced Security Technologies Presenter: James K. Murray Title: Information Technologies Consultant.
Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.

Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.
Dial In Number 1-800-227-8104 Pin: 9049 Information About Microsoft April 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

Dial In Number Pin: 9049 Information About Microsoft April 2012 Security Bulletins Jonathan Ness Security Development Manager Microsoft.
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.

A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.
Getting Ahead: Integrating Development and Response for Improved Security Steven B. Lipner Director of Security Engineering Strategy Security Business.

Getting Ahead: Integrating Development and Response for Improved Security Steven B. Lipner Director of Security Engineering Strategy Security Business.
resolve problems quickly resolve problems quickly minimise repeat problems minimise repeat problems Improve productivity of support staff Improve productivity.

resolve problems quickly resolve problems quickly minimise repeat problems minimise repeat problems Improve productivity of support staff Improve productivity.
Information for Developers Windows XP Service Pack 2 Information for Developers.

Information for Developers Windows XP Service Pack 2 Information for Developers.
Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.

Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.

Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Dial In Number 1-800-227-8104 Pin: 3879 Information About Microsoft May 2012 Security Bulletins Dustin Childs Sr. Security Program Manager Microsoft Corporation.

Dial In Number Pin: 3879 Information About Microsoft May 2012 Security Bulletins Dustin Childs Sr. Security Program Manager Microsoft Corporation.
IT:Network:Microsoft Applications

IT:Network:Microsoft Applications
Dial In Number 1-800-229-0449 Pin: 3750 Information About Microsoft August 2011 Security Bulletins Jonathan Ness Security Development Manager, MSRC Microsoft.

Dial In Number Pin: 3750 Information About Microsoft August 2011 Security Bulletins Jonathan Ness Security Development Manager, MSRC Microsoft.
Dial In Number 1-800-227-8104 PIN: 1056 Information About Microsoft December 2011 Security Bulletins Jonathan Ness Security Development Manager Microsoft.

Dial In Number PIN: 1056 Information About Microsoft December 2011 Security Bulletins Jonathan Ness Security Development Manager Microsoft.
To receive our video stream in Live Meeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in Live Meeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.

Similar presentations

Ads by Google