Microsoft Security Bulletins For October 2013 overview
Microsoft has released a new set of updates and patches for its software product a couple of seconds ago. The company releases security updates in one go on every second Tuesday of the month, and only breaks that habit for critical security vulnerabilities that are exploited in the wild.
Today eight bulletins have been published by the company that fix security vulnerabilities in Microsoft Windows and Office, Internet Explorer, Microsoft Server Software, the Microsoft .Net Framework, and Microsoft Silverlight.
Four of the vulnerabilities have received the highest severity rating of critical, and they all affect the Microsoft Windows operating system.
The remaining four bulletins have received a maximum severity rating of important, the second highest rating. Three of them affect Microsoft Office, one Microsoft Server Software, and one Microsoft Silverlight.
Note: Highest or maximum severity rating means that at least one product has received that rating. Other products may have received the same rating, a lower rating, or may not be affected by a particular vulnerability at all.
The update for Internet Explorer will fix the critical vulnerability that came to light earlier this month.
The eight bulletins released this month fix a total of 26 different vulnerabilities in Microsoft products.
Operating System Distribution
All Windows client operating system,s with the exception of Windows RT and the not yet released Windows 8.1 and Windows RT 8.1 are affected by four bulletins that have received a vulnerability rating of critical.
The same is true for server versions of Windows, as all supported Windows Server editions are affected by the critically rated and one moderately rated security bulletin.
- Windows XP: 4 critical
- Windows Vista: 4 critical
- Windows 7:Â 4 critical
- Windows 8:Â 4 critical
- Windows 8.1: 1 critical
- Windows RT: 2 critical, 1 important
- Windows RT 8.1: 1 critical
- Windows Server 2003: 3 critical, 1 moderate
- Windows Server 2008: 3 critical, 1 moderate
- Windows Server 2008 R2: 3 critical, 1 moderate
- Windows Server 2012: 3 critical, 1 moderate
Office Distribution
As far as Microsoft Office is concerned, two bulletins have been released this Patch Tuesday that affect the application. Only Microsoft Office 2007 and Microsoft Office for Mac are affected by both bulletins, while all other supported Office versions are only affected by one.
- Microsoft Office 2003: 1 important
- Microsoft Office 2007: 2 important
- Microsoft Office 2010: 1 important
- Microsoft Office 2013: 1 important
- Microsoft Office for Mac: 2 important
Deployment Guide
Each month, Microsoft releases a bulletin deployment guide that aims to help system and network administrators, and individual interested users alike, determine the update priority of each bulletin released.
While there is no obligation to do so, it is usually best to follow the guide. It usually suggests to install patches that protect against critical vulnerabilities first, but those too may receive different priorities in regards to deployment.
- Tier 1 updates: MS13-080 Internet Explorer, MS13-081 KMD, Ms13-083 Common Controls
- Tier 2 updates: MS13-082Â .NET Framework, MS13-085 Excel, MS13-086 Word
- Tier 3 updates: MS13-084 SharePoint, MS13-087 Silverlight
Security Bulletins
- MS13-080Cumulative Security Update for Internet Explorer (2879017)
- MS13-081Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2870008)
- MS13-082Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2878890)
- MS13-083Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2864058)
- MS13-084Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2885089)
- MS13-085Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2885080)
- MS13-086Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2885084)
- MS13-087Vulnerability in Silverlight Could Allow Information Disclosure (2890788)
Other Security related updates
- MS13-079: Security Update for Windows 8 for x64-based Systems (KB2853587)
- MS13-076: Security Update for Windows 8 for x64-based Systems (KB2876315)
Non-security related updates
- Update for Windows 8, Windows RT, and Windows Server 2012 (KB2802618)
- Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB2834140)
- Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP (KB2836939)
- Update for Windows 7 and Windows Server 2008 R2 (KB2846960)
- Update for Windows 7 (KB2852386)
- Update Rollup for Windows Server 2012 Essentials (KB2862551)
- Update for Windows 8, Windows RT, and Windows Server 2012 (KB2869628)
- Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB2882822)
- Update for Windows 8, Windows RT, and Windows Server 2012 (KB2883201)
- Update for Windows 7 and Windows Server 2008 R2 (KB2888049)
- Dynamic Update for Windows 8.1 and Windows RT 8.1 (KB2891300)
- Windows Malicious Software Removal Tool - October 2013 (KB890830)/Windows Malicious Software Removal Tool - October 2013 (KB890830) - Internet Explorer Version
- Internet Explorer 10 for Windows 7 and Windows Server 2008 R2 (KB2718695)
- Update for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP (KB2808679)
- Microsoft Browser Choice Screen Update for EEA Users of Windows 8.1 (KB976002)
- Language Packs for Windows RT (KB2607607)
- Language Packs for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2839636)
- Update for Windows 7 and Windows Server 2008 R2 (KB2846960)
- Update for Microsoft Camera Codec Pack for Windows 8.1 and Windows RT 8.1 (KB2859675)
- Update for Internet Explorer Flash Player for Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 8, Windows RT, and Windows Server 2012 (KB2889543)
How to download and install the October 2013 security updates
The updates will be deployed automatically on most user systems by the operating system's automatic update feature. While that is the recommended installation method on most systems, some users may want full control over the update process, which automatic updates does not offer.
This is also the case for businesses and organizations who need to test updates before they are deployed on a computer network.
Last but not least, this is also the way to go if updates need to be deployed on systems without direct Internet connection.
All security patches can be downloaded from Microsoft's Download Center either as standalone update downloads, or in form of a monthly ISO image that contains all security patches for that month.
Another alternative to that are third party tools that download updates and patches automatically to the system.
Advertisement
Are these articles AI generated?
Now the duplicates are more obvious.
This is below AI generated crap. It is copy of Microsoft Help website article without any relevant supporting text. Anyway you can find this information on many pages.
Yes, but why post the exact same article under a different title twice on the same day (19 march 2023), by two different writers?
1.) Excel Keyboard Shortcuts by Trevor Monteiro.
2.) 70+ Excel Keyboard Shortcuts for Windows by Priyanka Monteiro
Why oh why?
Yeah. Tell me more about “Priyanka Monteiro”. I’m dying to know. Indian-Portuguese bot ?
Probably they will announce that the taskbar will be placed at top, right or left, at your will.
Special event by they is a special crap for us.
If it’s Microsoft, don’t buy it.
Better brands at better prices elsewhere.
All new articles have zero count comments. :S
WTF? So, If I add one photo to 5 albums, will it count 5x on my storage?
It does not make any sense… on google photos, we can add photo to multiple albums, and it does not generate any additional space usage
I have O365 until end of this year, mostly for onedrive and probably will jump into google one
Photo storage must be kept free because customers chose gadgets just for photos and photos only.
What a nonsense. Does it mean that albums are de facto folders with copies of our pictures?
Sounds exactly like the poor coding Microsoft is known for in non-critical areas i.e. non Windows Core/Office Core.
I imagine a manager gave an employee the task to create the album feature with hardly any time so they just copied the folder feature with some cosmetic changes.
And now that they discovered what poor management results in do they go back and do the album feature properly?
Nope, just charge the customer twice.
Sounds like a go-getter that needs to be promoted for increasing sales and managing underlings “efficiently”, said the next layer of middle management.
When will those comments get fixed? Was every editor here replaced by AI and no one even works on this site?
Instead of a software company, Microsoft is now a fraud company.
For me this is proof that Microsoft has a back-door option into all accounts in their cloud.
quote “…… as the MSA key allowed the hacker group access to virtually any cloud account at Microsoft…..”
unquote
so this MSA key which is available to MS officers can give access to all accounts in MS cloud.This is the backdoor that MS has into the cloud accounts. Lucky I never got any relevant files of mine in their (MS) cloud.
>”Now You: what is your theory?”
That someone handed an employee a briefcase full of cash and the employee allowed them access to all their accounts and systems.
Anything that requires 5-10 different coincidences to happen is highly unlikely. Occam’s razor.
Good reason to never login to your precious machine with a Microsoft a/c a.k.a. as the cloud.
The GAFAM are always very careless about our software automatically sending to them telemetry and crash dumps in our backs. It’s a reminder not to send them anything when it’s possible to opt out, and not to opt in, considering what they may contain. And there is irony in this carelessness biting them back, even if in that case they show that they are much more cautious when it’s their own data that is at stake.