Jump to content

Please read the following announcement about thanks posts and their replacement; the like / thanks button.




Welcome to nsane.forums


Sign In  Log in with Facebook Log in with Twitter

Create Account
Welcome to nsane.forums, like most online communities you need to register to view parts of our community or to make contributions, but don't worry: this is a free and simple process that requires minimal information. Be a part of nsane.forums by signing in or creating an account.
  • Access special members only forums
  • Start new topics and reply to others
  • Subscribe to topics and forums to get automatic updates
 
Guest Message by DevFuse

Photo
* * * * * 1 votes

Microsoft Patch Tuesday November 2013 - Overview


  • Please log in to reply
7 replies to this topic

#1 Matsuda

Matsuda

  • ViP
  • 1,774 posts

Posted 12 November 2013 - 02:59 PM

*
POPULAR

                                                     windows8patchtuesday_r1_c1_0.jpg

                                 Microsoft is about to release this month's security updates and patches for Windows client and server operating systems.
 

 

A total of eight bulletins are released this month. Three of the bulletins have received a critical severity rating, the highest possible rating. The remaining five bulletins received a rating of important, the second highest rating.
 

The eight bulletins patch a total of 19 different vulnerabilities in Microsoft products.
 

As far as the affected software is concerned, six of the bulletins address issues in Microsoft Windows, and the remaining two vulnerabilities in Microsoft Office.
 

You find detailed information about the bulletins below. This includes the operating system and Office distribution, deployment suggestions, links to each bulletin to look up additional information, information about non-security updates that were released since the last Patch Day, and finally instructions on how to download those updates to your PC.
 

Operating System Distribution
 

The following list displays the bulletin distribution for each client and server operating system that Microsoft is supporting right now.
 

On the client side, Windows RT takes the crown once again with the least amount of vulnerabilities, followed by Windows 7 and earlier versions of Windows. Windows 8 and Windows 8.1 are affected more than any other client operating system this time.
 

On the server side of things, all Windows Server versions are affected in the same way by this month's security bulletins.

  • Windows XP: 3 critical, 2 important
  • Windows Vista: 3 critical, 2 important
  • Windows 7:  3 critical, 2 important
  • Windows 8:  3 critical, 3 important
  • Windows 8.1: 3 critical, 3 important
  • Windows RT: 3 critical, 1 important
  • Windows RT 8.1: 3 critical, 1 important
  • Windows Server 2003: 1 critical, 3 important, 1 moderate
  • Windows Server 2008: 1 critical, 3 important, 1 moderate
  • Windows Server 2008 R2: 1 critical, 3 important, 1 moderate
  • Windows Server 2012: 1 critical, 3 important, 1 moderate
     

Office Distribution
 

Office 2003 is only affected by one bulletin rated important, while all newer versions of Office are affected by an additional bulletin.

  • Microsoft Office 2003: 1 important
  • Microsoft Office 2007: 2 important
  • Microsoft Office 2010: 2 important
  • Microsoft Office 2013: 2 important
     

Deployment Guide
 

Microsoft releases a deployment guide on each Patch Day that offers suggestions for administrators and individual users about the order of deployment of the released Windows updates.
 

Priorities are assigned to each bulletin using several factors including a bulletins severity rating, whether it is exploited in the wild, and other factors.
 

While this may not be an issue at all on individual systems, as patches can be installed in a heartbeat on them, companies who do testing before patches are applied may use the information to test and deploy patches in optimal order using the guide.
 

                                    bulletin-deployment-priority-660x371.jpg
 

  • Tier 1 updates: MS13-090 ActiveX Kill Bits, MS13-088 Internet Explorer and MS13-089 Windows GDI
  • Tier 2 updates: MS13-091 Office, MS13-092 Hyper-V and MS13-093 Windows AFD
  • Tier 3 updates: MS13-094 Outlook and MS13-096 XML Digital Signatures

 

                                   severity-index-660x371.jpg
 

Security Bulletins
 

The first three are the critically rated bulletins, the remaining five have all been rated important.

  • MS13-088 Cumulative Security Update for Internet Explorer (2888505)
  • MS13-089 Vulnerability in Windows Graphics Device Interface Could Allow Remote Code Execution (2876331)
  • MS13-090 Cumulative Security Update of ActiveX Kill Bits (2900986)
  • MS13-091 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2885093)
  • MS13-092 Vulnerability in Hyper-V Could Allow Elevation of Privilege (2893986)
  • MS13-093 Vulnerability in Windows Ancillary Function Driver Could Allow Information Disclosure (2875783)
  • MS13-094 Vulnerability in Microsoft Outlook Could Allow Information Disclosure (2894514)
  • MS13-095 Vulnerability in Digital Signatures Could Allow Denial of Service
     

Other Security related updates / changes

  • MS13-081: Security Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB2862330)
     

Non-security related updates

  • Update for Windows 7 and Windows Server 2008 R2 (KB2830477)
  • Language Packs for Windows 8.1 and Windows RT 8.1 (KB2839636)
  • Update for Windows 8, Windows RT, and Windows Server 2012 (KB2882780)
  • Update for Windows Small Business Server 2011 Essentials (KB2885313)
  • Update for Windows Home Server 2011 (KB2885314)
  • Update for Windows Storage Server 2008 R2 Essentials (KB2885315)
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2887595)
  • Update for Windows 8, Windows RT, and Windows Server 2012 (KB2889784)
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2890140)
  • Dynamic Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2890141)
  • Dynamic Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2890142)
  • Update for Windows 8, Windows RT, Windows Server 2012, Windows 7, and Windows Server 2008 R2 (KB2893519)
  • Dynamic Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2897942)
  • Dynamic Update for Windows Server 2012 R2 (KB2902816)
  • Update for Windows RT 8.1 (KB2903601)
  • Update for Windows 8.1 (KB2904594)
  • Update for Windows RT 8.1 (KB2905029)
  • Windows Malicious Software Removal Tool - November 2013 (KB890830)/Windows Malicious Software Removal Tool - November 2013 (KB890830) - Internet Explorer Version
  • Update for Root Certificates for Windows 8.1, Windows 8, Windows 7, Windows Vista, and Windows XP (KB931125)
  • System Update Readiness Tool for Windows 7, Windows Server 2008 R2, Windows Server 2008, and Windows Vista (KB947821) [November 2013]
  • Update for Windows 7 and Windows Server 2008 R2 (KB2515325)
  • Update for Windows 7 and Windows Server 2008 R2 (KB2647753)
  • Update for Windows 8, Windows RT, and Windows Server 2012 (KB2883201)
  • Internet Explorer 11 for Windows 7 and Windows Server 2008 R2 (KB2841134)
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2902892)
  • Update for Windows RT (KB2885699)
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2901549)
  • Dynamic Update for Windows RT 8.1 (KB2901630)
  • Language Packs for Windows RT (KB2607607)
  • Update for Windows 8 (KB2885699)
  • Update for Windows 8, Windows Server 2012, Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP (KB2890882)
  • Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847) x86
  • Dynamic Update for Windows 8.1, Windows Server 2012 R2 and Windows RT 8.1 (KB2882342)
  • Dynamic Update for Windows 8.1, Windows Server 2012 R2 and Windows RT 8.1 (KB2882351)
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2883200)
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2884846)
  • Dynamic Update for Windows 8.1, Windows Server 2012 R2 and Windows RT 8.1 (KB2890139)
  • Dynamic Update for Windows 8.1 and Windows Server 2012 R2 (KB2890660)
  • Dynamic Update for Windows 8.1, Windows Server 2012 R2 and Windows RT 8.1 (KB2891213)
  • Dynamic Update for Windows 8.1, Windows Server 2012 R2 and Windows RT 8.1 (KB2891214)
  • Dynamic Update for Windows 8.1, Windows Server 2012 R2 and Windows RT 8.1 (KB2892082)
  • Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB2895219)
  • Dynamic Update for Windows 8.1, Windows Server 2012 R2 and Windows RT 8.1 (KB2895233)
  • Update for Windows 8.1 (KB2895586)
  • Update for Windows 8.1 (KB2895592)
  • Update for Windows 8.1 (KB2895614)
  • Dynamic Update for Windows 8.1 and Windows Server 2012 R2 (KB2898464)
  • Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847)
     

Additional information
 

The Microsoft Security Bulletin Summary for this month is available here. All bulletins are described here in an overview, and with links that you can follow for additional information.
 

You may also want to check out this month's patch day overview on the Microsoft Security Response Center. Here you may find additional information about the patches.




search_button.gif Source


Edited by Matsuda, 12 November 2013 - 03:06 PM.


#2 avmad

avmad

    Paranoid

  • Veteran
  • 2,375 posts
  • Gender:Male

  • United Kingdom

Posted 12 November 2013 - 04:36 PM

IE11 for Windows7 worth upgrading?



#3 Gamkutopolowk

Gamkutopolowk

    Advanced Member

  • Members
  • PipPipPip
  • 104 posts
  • Gender:Male
  • Interests:Music
    Producer DJ
    Sound Studio

  • Tunisia

Posted 12 November 2013 - 05:53 PM

we couldn't complete the updates - undoing changes :pos:


Edited by Gamkutopolowk, 12 November 2013 - 06:11 PM.


#4 eurobyn

eurobyn

    Senior Member

  • Members
  • PipPipPipPip
  • 359 posts
  • Gender:Male

  • Belgium

Posted 12 November 2013 - 07:48 PM

be sure to turn off (Always) the antivirus software before updating windows !

otherwise it will have problems.



#5 janedoe

janedoe

    Senior Member

  • Members
  • PipPipPipPip
  • 361 posts
  • Gender:Female

  • Blank

Posted 12 November 2013 - 10:31 PM

IE11 for Windows7 worth upgrading?

 

Absolutely, even IMO if you don't use IE. Since it's such an integral OS component better to keep it updated always, and anyway it is much improved now (although some sites/webdevs don't seem to have got the message yet unfortunately).

 

be sure to turn off (Always) the antivirus software before updating windows !

otherwise it will have problems.

 

I've never once bothered to turn off my AV before running WU and have never faced any issues. If an AV causes problems with WU then such a useless piece of s...oftware should be uninstalled immediately. Anyone with problems should try to narrow down which particular update is failing, what the error code is (refer to event logs and WU log files) and so on.



#6 Miroglu

Miroglu

    ViP Member

  • Veteran
  • 3,645 posts
  • Gender:Male
  • Location:Turkey
  • Interests:Computers Network Internet Games Cars Weapons

  • Turkey

Posted 13 November 2013 - 05:25 AM

Thanks for the info.



#7 rach

rach

    Ninja

  • ViP
  • 1,282 posts
  • Interests:C++

Posted 13 November 2013 - 06:23 AM

no patch that related to Browsers Not Working Properly in Windows 8.1 and Windows 8.1 bug displays ugly, distorted icon in delete confirmation dialog?
? :mellow:



#8 avmad

avmad

    Paranoid

  • Veteran
  • 2,375 posts
  • Gender:Male

  • United Kingdom

Posted 13 November 2013 - 10:08 AM

All worked for me. Installed IE11 last. Never use IE so may as well update it.

I never turn off AV either.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users