Microsoft Patch Tuesday – November 2013

So it is finally patch Tuesday today! Last two weeks have been quite busy as we all heard about targeted and not targeted attacks exploiting 0 day vulnerabilities. As usual we will share some highlights of the MS Security Bulletin.

Firstly as mentioned above we have seen a 0 day vulnerability in Microsoft Graphics component’s code  for parsing TIFF images. This can be exploited by embedding malicious TIFF images in MS Office documents. Microsoft is not releasing a patch for this today, but has released a Fixit solution for now. The November update for IBM’s IPS solutions will add a new signature to detect the exploitation of this vulnerability. You can find more details in the alert that we released here.

Secondly, last weekend Fireye announced that they have seen two IE 0 day vulnerabilities being exploited to achieve remote code execution. One of the vulnerability is a critical remote code execution vulnerability and the other one is an information disclosure vulnerability. Microsoft is patching the remote code execution vulnerability by  MS13-090 and they have done a pretty good job at explaining these two vulnerabilities here.

You can find details about today’s bulletin here.

 

 

Share this Article:
Zubair Ashraf

X-Force Security Researcher, IBM Security

Zubair Ashraf is a security researcher and team lead for IBM X-Force Advanced Research. He is very passionate about fighting all malicious activities in cyber space (aka cyber-crime/ attacks, or APT etc.). Currently he contributes to this via several means, and to share a few, he is actively and passionately: Educating and training others via his Twitter, blogging or presenting at security events; Analyzing Exploitation Techniques, Malware and Vulnerabilities and advising the IBM Security System's product development teams on prevention and detection strategies. His twitter account (@zashraf1337) has been listed among security researchers that will blow your mind and recommended on Metasploit's blog as among those to be followed if you like vulnerability research and/or exploit development.