Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB2834695
HistoryMay 14, 2013 - 12:00 a.m.

MS13-041: Vulnerability in Lync could allow remote code execution: May 14, 2013

2013-05-1400:00:00
Microsoft
support.microsoft.com
19

EPSS

0.807

Percentile

98.3%

JSON

<html><body><p>Resolves a vulnerability in Microsoft Office that could allow remote code execution if a user opens a specially crafted file or previews a specially crafted email message in an affected version of Microsoft Office software.</p><h2>INTRODUCTION</h2><div>Microsoft has released security bulletin MS13-041. To view the complete security bulletin, visit the following Microsoft website: <ul><li>IT professionals:<div><a href=“http://technet.microsoft.com/security/bulletin/ms13-041” target=“_self”>http://technet.microsoft.com/security/bulletin/MS13-041</a></div></li></ul><h3>How to obtain help and support for this security update</h3> Help installing updates: <a href=“https://support.microsoft.com/ph/6527” target=“_self”>Support for Microsoft Update</a><br /><br />Security solutions for IT professionals: <br /><a href=“http://technet.microsoft.com/security/bb980617.aspx” target=“_self”>TechNet Security Troubleshooting and Support</a><br /><br />Help protect your computer that is running Windows from viruses and malware:<br /><a href=“https://support.microsoft.com/contactus/cu_sc_virsec_master” target=“_self”>Virus Solution and Security Center</a><br /><br />Local support according to your country: <br /><a href=“https://support.microsoft.com/common/international.aspx” target=“_self”>International Support</a><br /><br /></div><h2></h2><div><h4>Known issues with this security update</h4>Each security update that is addressed in this bulletin requires that the latest publicly released cumulative update for the affected software is installed before you apply the update. If you install an update through Microsoft Update, the appropriate cumulative update will be automatically installed together with the security update. <br /><br />However, if you plan to apply an update manually by downloading it from the Microsoft Download Center, you should be aware that the Lync Server Update Installer on Microsoft Download Center page will automatically install previous Cumulative Updates (CU) for all Lync Servers. See the following table for product-specific links for obtaining the cumulative updates for manual installations.<br /><br /><div><table><tr><th>Affected Software</th><th>Download Page for Latest Cumulative Update</th></tr><tr><td>Microsoft Office Communicator 2007 R2<br />(2827753)</td><td><a href=“http://technet.microsoft.com/en-us/office/ocs/ee695846” target=“_self”>Updates Resource Center for Office Communications Server 2007 R2 and Clients</a></td></tr><tr><td>Microsoft Lync 2010 (32-bit)<br />(2827750)</td><td><a href=“http://technet.microsoft.com/en-us/lync/gg131945” target=“_self”>Updates resource center for Lync 2010</a></td></tr><tr><td>Microsoft Lync 2010 (64-bit) <br />(2827750)</td><td><a href=“http://technet.microsoft.com/en-us/lync/gg131945” target=“_self”>Updates resource center for Lync 2010</a></td></tr><tr><td>Microsoft Lync 2010 Attendee<br />(admin level install)<br />(2827752)</td><td><a href=“http://technet.microsoft.com/en-us/lync/gg131945” target=“_self”>Updates resource center for Lync 2010</a></td></tr><tr><td>Microsoft Lync 2010 Attendee<br />(user level install)</td><td><a href=“http://technet.microsoft.com/en-us/lync/gg131945” target=“_self”>Updates resource center for Lync 2010</a></td></tr><tr><td>Microsoft Lync Server 2013<br />(2827754)</td><td><a href=“http://technet.microsoft.com/en-us/lync/dn146014” target=“_self”>Updates resource center for Lync Server 2013</a></td></tr></table></div></div><h2></h2><div><h3>Known issues and additional information about this security update</h3> <br /> <br /><br /> The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed below each article link.<br /><br /><br /><ul><li><a href=“https://support.microsoft.com/en-us/help/2827750”>2827750 </a> MS13-041: Description of the security update for Lync 2010: May 14, 2013<br /><br />Known issues in security update 2827750: <ul><li>When you install an update for Lync 2010, you are not prompted to close the application (Lync 2010). All ongoing conversations and conferences will be stopped in order to install the update successfully. The user must manually start Lync 2010 after the installation procedure is complete.</li></ul></li><li><a href=“https://support.microsoft.com/en-us/help/2827751”>2827751 </a> MS13-041: Description of the security update for Lync 2010 Attendee (user level install): May 14, 2013 </li><li><a href=“https://support.microsoft.com/en-us/help/2827752”>2827752 </a> MS13-041: Description of the security update for Lync 2010 Attendee (Administrator level installation): May 14, 20103 </li><li><a href=“https://support.microsoft.com/en-us/help/2827753”>2827753 </a> MS13-041: Description of the security update for Office Communicator 2007 R2: May 14, 2013 </li><li><a href=“https://support.microsoft.com/en-us/help/2827754”>2827754 </a> MS13-041: Description of the security update for Lync 2013 Web Access: May 14, 2013 </li></ul><div><div><div><span><span></span></span><span><span>File hash information</span></span></div><div><span><div><div><table><tr><th>File name</th><th>SHA1 hash</th><th>SHA256 hash</th></tr><tr><td>AttendeeAdmin.msp</td><td>483A85ABA820006A2F642E77DDC083ABB2FF14A2</td><td>8D807454AE8F333E8358578F8AD9884900004B22446643538CFBF6D80BC93160</td></tr><tr><td>AttendeeUser.msp</td><td>24E2839B67D7954304655BCD2C25E4528F59D82C</td><td>DCBC634F4E81680C71A2E6BE84F0A06E302B7E8F9770171052FBC38CBA1ECDF7</td></tr><tr><td>communicator.msp</td><td>F5CFA0F71F59F54FEC7C58353CA094A6B544A989</td><td>1DD50B2BB349042475587CEE70C82D5E45BD706DCB04F031F394FC7935BD0934</td></tr><tr><td>WebComponents.msp</td><td>B822432792D2433F5CA868B066CC0F63BA2DFF8F</td><td>409411B9747F91FE326DB9842C6D661A85A5568E782DCFF5E6C5740BD99363DC</td></tr><tr><td>lync.msp</td><td>3CEA167A2B959B122FE18CF815CC8336BD839FB9</td><td>0961ADDEEE21410F9675B50E97FB2780ADB2FCD68BAA0ECBB22CB3DE904793C8</td></tr><tr><td>lync.msp</td><td>AA540608DB00295ADEE6349AE25FA8D179886279</td><td>2B91865EEDBDBE694CC9633BC229DAC0728E9A0932F30DF6D5E2754F54847811</td></tr></table></div></div><br /></span></div></div></div></div></body></html>

Related

checkpoint_advisories 1
prion 1
openvas 3
symantec 1
seebug 1
nvd 1
cve 1
cvelist 1
nessus 1
securityvulns 1
checkpoint_advisories
checkpoint_advisories
Preemptive Protection against Microsoft Lync Remote Code Execution (MS13-035; CVE-2013-1302)
2013-05-14 00:00:00
prion
prion
Code injection
2013-05-15 03:36:00
openvas
openvas
Microsoft Lync Attendee Remote Code Execution Vulnerability (2834695)
2013-05-15 00:00:00
Microsoft Lync Server Remote Code Execution Vulnerability (2834695)
2013-05-15 00:00:00
Microsoft Lync Remote Code Execution Vulnerability (2834695)
2013-05-15 00:00:00
symantec
symantec
Microsoft Lync CVE-2013-1302 Remote Code Execution Vulnerability
2013-05-14 00:00:00
seebug
seebug
Microsoft Lync 远程代码执行漏洞(CVE-2013-1302)(MS13-041)
2013-05-17 00:00:00
nvd
nvd
CVE-2013-1302
2013-05-15 03:36:33
cve
cve
CVE-2013-1302
2013-05-15 03:36:33
cvelist
cvelist
CVE-2013-1302
2013-05-15 01:00:00
nessus
nessus
MS13-041: Vulnerability in Lync Could Allow Remote Code Execution (2834695)
2013-05-15 00:00:00
securityvulns
securityvulns
Microsoft Lync code execution
2013-05-27 00:00:00

EPSS

0.807

Percentile

98.3%

JSON
Related for KB2834695
checkpoint_advisories1prion1openvas3symantec1seebug1nvd1cve1cvelist1nessus1securityvulns1