Microsoft Patch Tuesday, January 2013 - Part II

It's now official, there is another bulletin (MS13-008) release for the month of January and affected Microsoft Windows users should be expecting a out-band security patch soon. This out-of-band security patch fixes one memory corruption vulnerability discovered in Internet Explorer affecting version 6-8 that can result in remote code execution. Any vulnerability that allow remote code execution is critical and it should be patched ASAP.

Microsoft rates it critical for Windows client platforms, like Windows 7, which are more susceptible for users to be surfing the web and therfore tricked in visiting a specially crafted webpage. However, Microsoft rates this vulnerability as moderate for affected Windows OS server platforms because who really surfs the web using Windows Server 2008 anyways. Additionally, this bulletin does not affect all Windows users including those who own a shinny new tablet running Windows 8 RT or Windows 8 so some of us will be spared from this one at least.

This Internet Explorer vulnerability (CVE-2012-4792) was revealed in late December when Microsoft published Security Advisory 2794220 and released a 'Fix it' patch. However, a security research team discovered a bypass to circumvent this protection in early January which potentially left many of us vulnerable without using a third-party solution. Trustwave Secure Web Gateway customers have been protected against this threat from the get–go. The SpiderLabs team has provided analysis about this vulnerability in the "Dissecting a CVE-2012-4792 Payload" blog post and more information about the SWG protections can be read in the "Internet Explorer - 2012 Last Minute 0-Day".

Affected Microsoft Windows users will automagically recieve this fix through security updates and the patch will be successfully installed after a restart. Alternatively, users can address this security issue manually by upgrading to Internet Explorer 9 or 10.

Trustwave reserves the right to review all comments in the discussion below. Please note that for security and other reasons, we may not approve comments containing links.