Catprint Computing Simply IT

Revision Note: V1.0 (May 14, 2013): Advisory published.
Summary: Microsoft is releasing this security advisory to help ensure customers are aware that an update to the Microsoft Malware Protection Engine also addresses a security vulnerability reported to Microsoft. The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take complete control of the system.

Revision Note: V1.0 (May 14, 2013): Advisory published.
Summary: Microsoft is releasing a new set of ActiveX kill bits with this advisory.

Revision Note: V12.1 (May 14, 2013): Revised advisory to show the correct update and KB article numbers for update 2837385 released on May 14, 2013.
Summary: Microsoft is aware of vulnerabilities in Adobe Flash Player in Internet Explorer 10 on all supported editions of Windows 8, Windows Server 2012, and Windows RT. Microsoft provides updates that address the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10.

Revision Note: V2.0 (May 14, 2013): Advisory updated to reflect publication of security bulletin.
Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS13-038 to address this issue. For more information about this issue, including download links for an available security update, please review MS13-038. The vulnerability addressed is the Internet Explorer Use After Free Vulnerability - CVE-2013-1347.