Symantec product detections for Microsoft monthly Security Advisories

Symantec product detections for Microsoft monthly Security Advisories - January 2013

book

Article ID: 157528

calendar_today

Updated On:

Products

Symantec Products

Issue/Introduction

This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Advisories.

Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.

Resolution

ID and Rating	CAN/CVE ID: CVE-2013-0011 BID: 57142 Microsoft ID: MS13-001 MSKB: 2769369 Microsoft Rating: Critical
Vulnerability Type	Windows Print Spooler Components Vulnerability Remote Code Execution Vulnerability
Vulnerability Affects	Windows 7 for 32-bit Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Windows 7 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for Itanium-based Systems Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Details	A remote code execution vulnerability exists in the way that Microsoft Windows handles malformed print spooler response to a client request. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code.
Intrusion Protection System (IPS) Response	Sig ID: N/A
Other Detections	AV: N/A Sygate IDS: N/A Symantec Critical System Protection IPS: [SCSPBP5] Specific Windows Service Protection

ID and Rating	CAN/CVE ID: CVE-2013-0006 BID: 57116 Microsoft ID: MS13-002 MSKB: 2756145 Microsoft Rating: Critical
Vulnerability Type	MSXML Integer Truncation Vulnerability Remote Code Execution Vulnerability
Vulnerability Affects	Microsoft XML Core Services 3.0 on Windows XP Professional x64 Edition Service Pack 2 Microsoft XML Core Services 6.0 on Windows XP Professional x64 Edition Service Pack 2 Microsoft XML Core Services 3.0 on Windows Server 2003 x64 Edition Service Pack 2 Microsoft XML Core Services 6.0 on Windows Server 2003 x64 Edition Service Pack 2 Microsoft XML Core Services 3.0 on Windows Server 2003 with SP2 for Itanium-based Systems Microsoft XML Core Services 6.0 on Windows Server 2003 with SP2 for Itanium-based Systems Microsoft XML Core Services 3.0 on Windows Vista x64 Edition Service Pack 2 Microsoft XML Core Services 6.0 on Windows Vista x64 Edition Service Pack 2 Microsoft XML Core Services 3.0 on Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft XML Core Services 6.0 on Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft XML Core Services 3.0 on Windows Server 2008 for Itanium-based Systems Service Pack 2 Microsoft XML Core Services 6.0 on Windows Server 2008 for Itanium-based Systems Service Pack 2 Microsoft XML Core Services 3.0 on Windows 7 for x64-based Systems Microsoft XML Core Services 6.0 on Windows 7 for x64-based Systems Microsoft XML Core Services 3.0 on Windows 7 for x64-based Systems Service Pack 1 Microsoft XML Core Services 6.0 on Windows Server 2008 R2 for x64-based Systems Microsoft XML Core Services 3.0 on Windows 7 for x64-based Systems Service Pack 1 Microsoft XML Core Services 6.0 on Windows 7 for x64-based Systems Service Pack 1 Microsoft XML Core Services 3.0 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft XML Core Services 6.0 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft XML Core Services 3.0 on Windows Server 2008 R2 for Itanium-based Systems Microsoft XML Core Services 6.0 on Windows Server 2008 R2 for Itanium-based Systems Microsoft XML Core Services 3.0 on Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 Microsoft XML Core Services 6.0 on Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 Microsoft XML Core Services 3.0 when installed on Windows 8 for 64-bit Systems Microsoft XML Core Services 6.0 when installed on Windows 8 for 64-bit Systems Microsoft XML Core Services 3.0 when installed on Windows Server 2012 for 64-bit Systems
Details	A remote code execution vulnerability exists in the way that Microsoft Windows parses XML content. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.
Intrusion Protection System (IPS) Response	Sig ID: N/A
Other Detections	AV: N/A Sygate IDS: N/A Symantec Critical System Protection IPS: [SCSPBP2] Generic Windows Service Protection; [SCSPBP4] Windows System Startup Process Protection; [SCSPBP5] Specific Windows Service Protection; [SCSPBP1]: Generic Windows Interactive Protection

ID and Rating	CAN/CVE ID: CVE-2013-0007 BID: 57122 Microsoft ID: MS13-002 MSKB: 2756145 Microsoft Rating: Critical
Vulnerability Type	MSXML XSLT Vulnerability Remote Code Execution Vulnerability
Vulnerability Affects	Microsoft XML Core Services 4.0 when installed on Windows XP Service Pack 3 Microsoft XML Core Services 6.0 on Windows XP Service Pack 3 Microsoft XML Core Services 4.0 when installed on Windows XP Professional x64 Edition Service Pack 2 Microsoft XML Core Services 6.0 on Windows XP Professional x64 Edition Service Pack 2 Microsoft XML Core Services 4.0 when installed on Windows Server 2003 Service Pack 2 Microsoft XML Core Services 6.0 on Windows Server 2003 Service Pack 2 Microsoft XML Core Services 4.0 when installed on Windows Server 2003 x64 Edition Service Pack 2 Microsoft XML Core Services 6.0 on Windows Server 2003 x64 Edition Service Pack 2 Microsoft XML Core Services 4.0 when installed on Windows Server 2003 with SP2 for Itanium-based Systems Microsoft XML Core Services 6.0 on Windows Server 2003 with SP2 for Itanium-based Systems Microsoft XML Core Services 4.0 when installed on Windows Vista Service Pack 2 Microsoft XML Core Services 6.0 on Windows Vista Service Pack 2 Microsoft XML Core Services 4.0 when installed on Windows Vista x64 Edition Service Pack 2 Microsoft XML Core Services 6.0 on Windows Vista x64 Edition Service Pack 2 Microsoft XML Core Services 4.0 when installed on Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft XML Core Services 6.0 on Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft XML Core Services 4.0 when installed on Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft XML Core Services 6.0 on Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft XML Core Services 4.0 when installed on Windows Server 2008 for Itanium-based Systems Service Pack 2 Microsoft XML Core Services 6.0 on Windows Server 2008 for Itanium-based Systems Service Pack 2 Microsoft XML Core Services 4.0 when installed on Windows 7 for 32-bit Systems Microsoft XML Core Services 6.0 on Windows 7 for 32-bit Systems Microsoft XML Core Services 4.0 when installed on Windows 7 for 32-bit Systems Microsoft XML Core Services 6.0 on Windows 7 for 32-bit Systems Microsoft XML Core Services 4.0 when installed on Windows 7 for x64-based Systems Microsoft XML Core Services 6.0 on Windows 7 for x64-based Systems Microsoft XML Core Services 4.0 when installed on Windows Server 2008 R2 for x64-based Systems Microsoft XML Core Services 6.0 on Windows Server 2008 R2 for x64-based Systems Microsoft XML Core Services 4.0 when installed on Windows 7 for x64-based Systems Service Pack 1 Microsoft XML Core Services 6.0 on Windows 7 for x64-based Systems Service Pack 1 Microsoft XML Core Services 4.0 when installed on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft XML Core Services 6.0 on Windows Server 2008 R2 for x64-based Systems Service Pack 1Microsoft XML Core Services 4.0 when installed on Windows Server 2008 R2 for Itanium-based Systems Microsoft XML Core Services 6.0 on Windows Server 2008 R2 for Itanium-based Systems Microsoft XML Core Services 4.0 when installed on Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 Microsoft XML Core Services 6.0 on Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 Microsoft XML Core Services 4.0 when installed on Windows 8 for 32-bit Systems Microsoft XML Core Services 6.0 when installed on Windows 8 for 32-bit Systems Microsoft XML Core Services 4.0 when installed on Windows 8 for 64-bit Systems Microsoft XML Core Services 6.0 when installed on Windows 8 for 64-bit Systems Microsoft XML Core Services 4.0 when installed on Windows Server 2012 for 64-bit Systems Microsoft XML Core Services 6.0 when installed on Windows Server 2012 for 64-bit Systems Microsoft XML Core Services 4.0 when installed on Windows RT Microsoft XML Core Services 6.0 when installed on Windows RT
Details	A remote code execution vulnerability exists in the way that Microsoft Windows parses XML content. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.
Intrusion Protection System (IPS) Response	Sig ID: N/A
Other Detections	AV: N/A Sygate IDS: N/A Symantec Critical System Protection IPS: [SCSPBP2] Generic Windows Service Protection; [SCSPBP4] Windows System Startup Process Protection; [SCSPBP5] Specific Windows Service Protection; [SCSPBP1]: Generic Windows Interactive Protection

ID and Rating	CAN/CVE ID: CVE-2013-0009 BID: 55401 Microsoft ID: MS13-003 MSKB: 2748552 Microsoft Rating: Important
Vulnerability Type	System Center Operations Manager Web Console XSS Vulnerability Cross-Site Scripting Vulnerability
Vulnerability Affects	Microsoft System Center Operations Manager 2007 Service Pack 1 Microsoft System Center Operations Manager 2007 R2
Details	A cross-site scripting (XSS) vulnerability exists in System Center Operations Manager that could allow specially crafted script code to run under the guise of the server. This is a non-persistent cross-site scripting vulnerability that could allow an attacker to issue commands to the System Center Operations Manager server in the context of the targeted user.
Intrusion Protection System (IPS) Response	Sig ID: N/A
Other Detections	AV: N/A Sygate IDS: N/A Symantec Critical System Protection IPS: N/A

ID and Rating	CAN/CVE ID: CVE-2013-0010 BID: 55408 Microsoft ID: MS13-003 MSKB: 2748552 Microsoft Rating: Important
Vulnerability Type	System Center Operations Manager Web Console XSS Vulnerability Cross-Site Scripting Vulnerability
Vulnerability Affects	Microsoft System Center Operations Manager 2007 Service Pack 1 Microsoft System Center Operations Manager 2007 R2
Details	.A cross-site scripting (XSS) vulnerability exists in System Center Operations Manager that could allow specially crafted script code to run under the guise of the server. This is a non-persistent cross-site scripting vulnerability that could allow an attacker to issue commands to the System Center Operations Manager server in the context of the targeted user.
Intrusion Protection System (IPS) Response	Sig ID: N/A
Other Detections	AV: N/A Sygate IDS: N/A Symantec Critical System Protection IPS: N/A

ID and Rating	CAN/CVE ID: CVE-2013-0002 BID: 57126 Microsoft ID: MS13-004 MSKB: 2769324 Microsoft Rating: Important
Vulnerability Type	WinForms Buffer Overflow Vulnerability Elevation of Privilege Vulnerability
Vulnerability Affects	Microsoft .NET Framework 1.0 Service Pack 3 on Windows XP Tablet PC Edition 2005 Service Pack 3 and Windows XP Media Center Edition 2005 Service Pack 3 (KB2742607) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Microsoft Windows XP Service Pack 3 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Microsoft Windows XP Professional x64 Edition Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 on Microsoft Windows Server 2003 Service Pack 2 (KB2742604) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Microsoft Windows Server 2003 x64 Edition Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Microsoft Windows Server 2003 for Itanium-based Systems Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Windows Vista Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Windows Vista x64 Edition Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Windows Server 2008 for 32-bit Systems Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Windows Server 2008 for x64-based Systems Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Windows Server 2008 for Itanium-Based Systems Service Pack 2 (KB2742597) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows XP Service Pack 3 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows XP Professional x64 Edition Service Pack 2 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows Server 2003 Service Pack 2 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows Server 2003 x64 Edition Service Pack 2 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows Server 2003 for Itanium-based Systems Service Pack 2 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 (KB2742601) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Vista x64 Edition Service Pack 2 (KB2742601) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 (KB2742601) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 (KB2742601) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2 (KB2742601) Microsoft .NET Framework 3.5 on Windows 8 for 32-bit Systems (KB2742616) Microsoft .NET Framework 3.5 on Windows 8 for 32-bit Systems (KB2756923) Microsoft .NET Framework 3.5 on Windows 8 for 64-bit Systems (KB2742616) Microsoft .NET Framework 3.5 on Windows 8 for 64-bit Systems (KB2756923) Microsoft .NET Framework 3.5 on Windows Server 2012 (KB2742616) Microsoft .NET Framework 3.5 on Windows Server 2012 (KB2756923) Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems (KB2742598) Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems (KB2756920) Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems Service Pack 1 (KB2742599) Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems Service Pack 1 (KB2756921) Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems (KB2742598) Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems (KB2756920) Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems Service Pack 1 (KB2742599) Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems Service Pack 1 (KB2756921) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems (KB2742598) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems (KB2756920) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB2742599) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB2756921) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems (KB2742598) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems (KB2756920) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 (KB2742599) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 (KB2756921) Microsoft .NET Framework 4 when installed on Microsoft Windows XP Service Pack 3 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Microsoft Windows XP Professional x64 Edition Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Microsoft Windows Server 2003 Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Microsoft Windows Server 2003 x64 Edition Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Microsoft Windows Server 2003 for Itanium-based Systems Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Vista Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Vista x64 Edition Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 for 32-bit Systems Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 for x64-based Systems Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 for Itanium-Based Systems Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows 7 for 32-bit Systems (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows 7 for 32-bit Systems Service Pack 1 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows 7 for x64-based Systems (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows 7 for x64-based Systems Service Pack 1 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for x64-based Systems (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for Itanium-Based Systems (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 (KB2742595)[1] Microsoft .NET Framework 4.5 when installed on Windows Vista Service Pack 2 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows Vista x64 Edition Service Pack 2 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows Server 2008 for 32-bit Systems Service Pack 2 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows Server 2008 for x64-based Systems Service Pack 2 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows 7 for 32-bit Systems Service Pack 1 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows 7 for x64-based Systems Service Pack 1 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB2742613) Microsoft .NET Framework 4.5 on Windows 8 for 32-bit Systems (KB2742614) Microsoft .NET Framework 4.5 on Windows 8 for 64-bit Systems (KB2742614) Microsoft .NET Framework 4.5 on Windows Server 2012 (KB2742614) Microsoft .NET Framework 4.5 on Windows RT (KB2742614)
Details	An elevation of privilege vulnerability exists in the way that the Windows Forms in .Net Framework validates the number of objects in memory before copying those objects into an array. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Intrusion Protection System (IPS) Response	Sig ID: N/A
Other Detections	AV: N/A Sygate IDS: N/A Symantec Critical System Protection IPS: SCSPBP2] Generic Windows Service Protection; [SCSPBP4] Windows System Startup Process Protection; [SCSPBP5] Specific Windows Service Protection; [SCSPBP1]: Generic Windows Interactive Protection

ID and Rating	CAN/CVE ID: CVE-2013-0003 BID: 57114 Microsoft ID: MS13-004 MSKB: 2769324 Microsoft Rating: Important
Vulnerability Type	S.DS.P Buffer Overflow Vulnerability Elevation of Privilege Vulnerability
Vulnerability Affects	Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows XP Service Pack 3 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows XP Professional x64 Edition Service Pack 2 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows Server 2003 Service Pack 2 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows Server 2003 x64 Edition Service Pack 2 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows Server 2003 for Itanium-based Systems Service Pack 2 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 (KB2742601) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Vista x64 Edition Service Pack 2 (KB2742601) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 (KB2742601) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 (KB2742601) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2 (KB2742601) Microsoft .NET Framework 3.5 on Windows 8 for 32-bit Systems (KB2742616) Microsoft .NET Framework 3.5 on Windows 8 for 32-bit Systems (KB2756923) Microsoft .NET Framework 3.5 on Windows 8 for 64-bit Systems (KB2742616) Microsoft .NET Framework 3.5 on Windows 8 for 64-bit Systems (KB2756923) Microsoft .NET Framework 3.5 on Windows Server 2012 (KB2742616) Microsoft .NET Framework 3.5 on Windows Server 2012 (KB2756923) Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems (KB2742598) Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems (KB2756920) Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems Service Pack 1 (KB2742599) Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems Service Pack 1 (KB2756921) Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems (KB2742598) Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems (KB2756920) Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems Service Pack 1 (KB2742599) Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems Service Pack 1 (KB2756921) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems (KB2742598) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems (KB2756920) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB2742599) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB2756921) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems (KB2742598) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems (KB2756920) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 (KB2742599) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 (KB2756921) Microsoft .NET Framework 4 when installed on Microsoft Windows XP Service Pack 3 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Microsoft Windows XP Professional x64 Edition Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Microsoft Windows Server 2003 Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Microsoft Windows Server 2003 x64 Edition Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Microsoft Windows Server 2003 for Itanium-based Systems Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Vista Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Vista x64 Edition Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 for 32-bit Systems Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 for x64-based Systems Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 for Itanium-Based Systems Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows 7 for 32-bit Systems (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows 7 for 32-bit Systems Service Pack 1 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows 7 for x64-based Systems (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows 7 for x64-based Systems Service Pack 1 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for x64-based Systems (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for Itanium-Based Systems (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 (KB2742595)[1] Microsoft .NET Framework 4.5 when installed on Windows Vista Service Pack 2 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows Vista x64 Edition Service Pack 2 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows Server 2008 for 32-bit Systems Service Pack 2 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows Server 2008 for x64-based Systems Service Pack 2 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows 7 for 32-bit Systems Service Pack 1 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows 7 for x64-based Systems Service Pack 1 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB2742613) Microsoft .NET Framework 4.5 on Windows 8 for 32-bit Systems (KB2742614) Microsoft .NET Framework 4.5 on Windows 8 for 64-bit Systems (KB2742614) Microsoft .NET Framework 4.5 on Windows Server 2012 (KB2742614) Microsoft .NET Framework 4.5 on Windows RT (KB2742614)
Details	An elevation of privilege vulnerability exists in the way that the System.DirectoryServices.Protocols (S.DS.P) in .Net Framework validates the size of objects in memory prior to copying those objects into an array. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Intrusion Protection System (IPS) Response	Sig ID: N/A
Other Detections	AV: N/A Sygate IDS: N/A Symantec Critical System Protection IPS: [SCSPBP2] Generic Windows Service Protection; [SCSPBP4] Windows System Startup Process Protection; [SCSPBP5] Specific Windows Service Protection; [SCSPBP1]: Generic Windows Interactive Protection

ID and Rating	CAN/CVE ID: CVE-2013-0004 BID: 57113 Microsoft ID: MS13-004 MSKB: 2769324 Microsoft Rating: Important
Vulnerability Type	Double Construction Vulnerability Information Disclosure Vulnerability
Vulnerability Affects	Microsoft .NET Framework 1.0 Service Pack 3 on Windows XP Tablet PC Edition 2005 Service Pack 3 and Windows XP Media Center Edition 2005 Service Pack 3 (KB2742607) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Microsoft Windows XP Service Pack 3 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Microsoft Windows XP Professional x64 Edition Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 on Microsoft Windows Server 2003 Service Pack 2 (KB2742604) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Microsoft Windows Server 2003 x64 Edition Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Microsoft Windows Server 2003 for Itanium-based Systems Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Windows Vista Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Windows Vista x64 Edition Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Windows Server 2008 for 32-bit Systems Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Windows Server 2008 for x64-based Systems Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Windows Server 2008 for Itanium-Based Systems Service Pack 2 (KB2742597) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows XP Service Pack 3 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows XP Professional x64 Edition Service Pack 2 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows Server 2003 Service Pack 2 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows Server 2003 x64 Edition Service Pack 2 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows Server 2003 for Itanium-based Systems Service Pack 2 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 (KB2742601) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Vista x64 Edition Service Pack 2 (KB2742601) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 (KB2742601) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 (KB2742601) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2 (KB2742601) Microsoft .NET Framework 3.5 on Windows 8 for 32-bit Systems (KB2742616) Microsoft .NET Framework 3.5 on Windows 8 for 32-bit Systems (KB2756923) Microsoft .NET Framework 3.5 on Windows 8 for 64-bit Systems (KB2742616) Microsoft .NET Framework 3.5 on Windows 8 for 64-bit Systems (KB2756923) Microsoft .NET Framework 3.5 on Windows Server 2012 (KB2742616) Microsoft .NET Framework 3.5 on Windows Server 2012 (KB2756923) Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems (KB2742598) Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems (KB2756920) Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems Service Pack 1 (KB2742599) Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems Service Pack 1 (KB2756921) Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems (KB2742598) Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems (KB2756920) Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems Service Pack 1 (KB2742599) Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems Service Pack 1 (KB2756921) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems (KB2742598) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems (KB2756920) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB2742599) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB2756921) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems (KB2742598) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems (KB2756920) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 (KB2742599) Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 (KB2756921) Microsoft .NET Framework 4 when installed on Microsoft Windows XP Service Pack 3 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Microsoft Windows XP Professional x64 Edition Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Microsoft Windows Server 2003 Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Microsoft Windows Server 2003 x64 Edition Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Microsoft Windows Server 2003 for Itanium-based Systems Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Vista Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Vista x64 Edition Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 for 32-bit Systems Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 for x64-based Systems Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 for Itanium-Based Systems Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows 7 for 32-bit Systems (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows 7 for 32-bit Systems Service Pack 1 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows 7 for x64-based Systems (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows 7 for x64-based Systems Service Pack 1 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for x64-based Systems (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for Itanium-Based Systems (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 (KB2742595)[1] Microsoft .NET Framework 4.5 when installed on Windows Vista Service Pack 2 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows Vista x64 Edition Service Pack 2 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows Server 2008 for 32-bit Systems Service Pack 2 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows Server 2008 for x64-based Systems Service Pack 2 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows 7 for 32-bit Systems Service Pack 1 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows 7 for x64-based Systems Service Pack 1 (KB2742613) Microsoft .NET Framework 4.5 when installed on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB2742613) Microsoft .NET Framework 4.5 on Windows 8 for 32-bit Systems (KB2742614) Microsoft .NET Framework 4.5 on Windows 8 for 64-bit Systems (KB2742614) Microsoft .NET Framework 4.5 on Windows Server 2012 (KB2742614) Microsoft .NET Framework 4.5 on Windows RT (KB2742614)
Details	An information disclosure vulnerability exists in the way the Windows Forms in .NET Framework handles pointers to unmanaged memory locations.
Intrusion Protection System (IPS) Response	Sig ID: N/A
Other Detections	AV: N/A Sygate IDS: N/A Symantec Critical System Protection IPS:[SCSPBP2] Generic Windows Service Protection; [SCSPBP4] Windows System Startup Process Protection; [SCSPBP5] Specific Windows Service Protection; [SCSPBP1]: Generic Windows Interactive Protection

ID and Rating	CAN/CVE ID: CVE-2013-0008 BID: 57135 Microsoft ID: MS13-005 MSKB: 2778930 Microsoft Rating: Important
Vulnerability Type	Win32k Improper Message Handling Vulnerability Elevation of Privilege Vulnerability
Vulnerability Affects	Windows Vista x64 Edition Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for Itanium-based Systems Service Pack 2 Windows 7 for 32-bit Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Windows 7 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for Itanium-based Systems Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 Windows 8 for 32-bit Systems Windows 8 for 64-bit Systems Windows Server 2012 Windows RT
Details	An elevation of privilege vulnerability exists when the Windows kernel improperly handles window broadcast messages. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Intrusion Protection System (IPS) Response	Sig ID: N/A
Other Detections	AV: N/A Sygate IDS: N/A Symantec Critical System Protection IPS: N/A

ID and Rating	CAN/CVE ID: CVE-2013-0013 BID: 57144 Microsoft ID: MS13-006 MSKB: 2785220 Microsoft Rating: Important
Vulnerability Type	Microsoft SSL Version 3 and TLS Protocol Security Feature Bypass Vulnerability Security Bypass Vulnerability
Vulnerability Affects	Windows Vista Service Pack 2 Windows Vista x64 Edition Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for Itanium-based Systems Service Pack 2 Windows 7 for 32-bit Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Windows 7 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for Itanium-based Systems Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 Windows 8 for 32-bit Systems Windows 8 for 64-bit Systems Windows Server 2012 Windows Server 2012 Windows RT
Details	A security feature bypass vulnerability exists in the way that the Microsoft Windows SSL/TLS (Secure Socket Layer and Transport Layer Security) handle the SSL version 3 (SSLv3) and TLS protocols. The vulnerability could allow security feature bypass if an attacker injects specially crafted content into an SSL/TLS session.
Intrusion Protection System (IPS) Response	Sig ID: N/A
Other Detections	AV: N/A Sygate IDS: N/A Symantec Critical System Protection IPS: N/A

ID and Rating	CAN/CVE ID: CVE-2013-0005 BID: 57141 Microsoft ID: MS13-007 MSKB: 2769327 Microsoft Rating: Important
Vulnerability Type	Replace Denial of Service Vulnerability Denial of Service Vulnerability
Vulnerability Affects	Microsoft XML Core Services 4.0 when installed on Windows XP Service Pack 3 Microsoft XML Core Services 6.0 on Windows XP Service Pack 3 Microsoft XML Core Services 4.0 when installed on Windows XP Professional x64 Edition Service Pack 2 Microsoft XML Core Services 6.0 on Windows XP Professional x64 Edition Service Pack 2 Microsoft XML Core Services 4.0 when installed on Windows Server 2003 Service Pack 2 Microsoft XML Core Services 6.0 on Windows Server 2003 Service Pack 2 Microsoft XML Core Services 4.0 when installed on Windows Server 2003 x64 Edition Service Pack 2 Microsoft XML Core Services 6.0 on Windows Server 2003 x64 Edition Service Pack 2 Microsoft XML Core Services 4.0 when installed on Windows Server 2003 with SP2 for Itanium-based Systems Microsoft XML Core Services 6.0 on Windows Server 2003 with SP2 for Itanium-based Systems Microsoft XML Core Services 4.0 when installed on Windows Vista Service Pack 2 Microsoft XML Core Services 6.0 on Windows Vista Service Pack 2 Microsoft XML Core Services 4.0 when installed on Windows Vista x64 Edition Service Pack 2 Microsoft XML Core Services 6.0 on Windows Vista x64 Edition Service Pack 2 Microsoft XML Core Services 4.0 when installed on Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft XML Core Services 6.0 on Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft XML Core Services 4.0 when installed on Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft XML Core Services 6.0 on Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft XML Core Services 4.0 when installed on Windows Server 2008 for Itanium-based Systems Service Pack 2 Microsoft XML Core Services 6.0 on Windows Server 2008 for Itanium-based Systems Service Pack 2 Microsoft XML Core Services 4.0 when installed on Windows 7 for 32-bit Systems Microsoft XML Core Services 6.0 on Windows 7 for 32-bit Systems Microsoft XML Core Services 4.0 when installed on Windows 7 for 32-bit Systems Microsoft XML Core Services 6.0 on Windows 7 for 32-bit Systems Microsoft XML Core Services 4.0 when installed on Windows 7 for x64-based Systems Microsoft XML Core Services 6.0 on Windows 7 for x64-based Systems Microsoft XML Core Services 4.0 when installed on Windows Server 2008 R2 for x64-based Systems Microsoft XML Core Services 6.0 on Windows Server 2008 R2 for x64-based Systems Microsoft XML Core Services 4.0 when installed on Windows 7 for x64-based Systems Service Pack 1 Microsoft XML Core Services 6.0 on Windows 7 for x64-based Systems Service Pack 1 Microsoft XML Core Services 4.0 when installed on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft XML Core Services 6.0 on Windows Server 2008 R2 for x64-based Systems Service Pack 1Microsoft XML Core Services 4.0 when installed on Windows Server 2008 R2 for Itanium-based Systems Microsoft XML Core Services 6.0 on Windows Server 2008 R2 for Itanium-based Systems Microsoft XML Core Services 4.0 when installed on Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 Microsoft XML Core Services 6.0 on Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 Microsoft XML Core Services 4.0 when installed on Windows 8 for 32-bit Systems Microsoft XML Core Services 6.0 when installed on Windows 8 for 32-bit Systems Microsoft XML Core Services 4.0 when installed on Windows 8 for 64-bit Systems Microsoft XML Core Services 6.0 when installed on Windows 8 for 64-bit Systems Microsoft XML Core Services 4.0 when installed on Windows Server 2012 for 64-bit Systems Microsoft XML Core Services 6.0 when installed on Windows Server 2012 for 64-bit Systems Microsoft XML Core Services 4.0 when installed on Windows RT Microsoft XML Core Services 6.0 when installed on Windows RT
Details	A denial of service vulnerability exists in the OData specification that could allow denial of service. The vulnerability could cause the server or service to stop responding and restart.
Intrusion Protection System (IPS) Response	Sig ID: N/A
Other Detections	AV: N/A Sygate IDS: N/A Symantec Critical System Protection IPS: N/A

ID and Rating	CAN/CVE ID: CVE-2013-0001 BID: 57124 Microsoft ID: MS13-004 MSKB: 2769324 Microsoft Rating: Moderate
Vulnerability Type	System Drawing Information Disclosure Vulnerability Information Disclosure Vulnerability
Vulnerability Affects	Microsoft .NET Framework 1.0 Service Pack 3 on Windows XP Tablet PC Edition 2005 Service Pack 3 and Windows XP Media Center Edition 2005 Service Pack 3 (KB2742607) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Microsoft Windows XP Service Pack 3 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Microsoft Windows XP Professional x64 Edition Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 on Microsoft Windows Server 2003 Service Pack 2 (KB2742604) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Microsoft Windows Server 2003 x64 Edition Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Microsoft Windows Server 2003 for Itanium-based Systems Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Windows Vista Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Windows Vista x64 Edition Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Windows Server 2008 for 32-bit Systems Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Windows Server 2008 for x64-based Systems Service Pack 2 (KB2742597) Microsoft .NET Framework 1.1 Service Pack 1 when installed on Windows Server 2008 for Itanium-Based Systems Service Pack 2 (KB2742597) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows XP Service Pack 3 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows XP Professional x64 Edition Service Pack 2 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows Server 2003 Service Pack 2 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows Server 2003 x64 Edition Service Pack 2 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 when installed on Microsoft Windows Server 2003 for Itanium-based Systems Service Pack 2 (KB2742596) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 (KB2742601) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Vista x64 Edition Service Pack 2 (KB2742601) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 (KB2742601) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 (KB2742601) Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2 (KB2742601) Microsoft .NET Framework 4 when installed on Microsoft Windows XP Service Pack 3 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Microsoft Windows XP Professional x64 Edition Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Microsoft Windows Server 2003 Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Microsoft Windows Server 2003 x64 Edition Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Microsoft Windows Server 2003 for Itanium-based Systems Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Vista Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Vista x64 Edition Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 for 32-bit Systems Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 for x64-based Systems Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 for Itanium-Based Systems Service Pack 2 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows 7 for 32-bit Systems (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows 7 for 32-bit Systems Service Pack 1 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows 7 for x64-based Systems (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows 7 for x64-based Systems Service Pack 1 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for x64-based Systems (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for Itanium-Based Systems (KB2742595)[1] Microsoft .NET Framework 4 when installed on Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 (KB2742595)[1]
Details	An information disclosure vulnerability exists in the way the Windows Forms in .NET Framework handles pointers to unmanaged memory locations.
Intrusion Protection System (IPS) Response	Sig ID: N/A
Other Detections	AV: N/A Sygate IDS: N/A Symantec Critical System Protection IPS:[SCSPBP2] Generic Windows Service Protection; [SCSPBP4] Windows System Startup Process Protection; [SCSPBP5] Specific Windows Service Protection; [SCSPBP1]: Generic Windows Interactive Protection

Feedback

thumb_up Yes

thumb_down No