Microsoft Security Bulletin Summary for August 2013
This bulletin summary lists security bulletins released for August 2013.
With the release of the bulletins for August 2013, this bulletin summary replaces the bulletin advance notification originally issued on August 8, 2013. For more information about the bulletin advance notification service, see http://technet.microsoft.com/security/bulletin/advance.
To receive automatic notifications whenever Microsoft Security Bulletins are issued, subscribe to Microsoft Technical Security Notifications at http://technet.microsoft.com/security/dd252948.
Critical Security Bulletins
============================
MS13-059
Affected Software:
– Windows XP Service Pack 3
— Internet Explorer 6
— Internet Explorer 7
— Internet Explorer 8
– Windows XP Professional x64 Edition Service Pack 2
— Internet Explorer 6
— Internet Explorer 7
— Internet Explorer 8
– Windows Server 2003 Service Pack 2
— Internet Explorer 6
— Internet Explorer 7
— Internet Explorer 8
– Windows Server 2003 x64 Edition Service Pack 2
— Internet Explorer 6
— Internet Explorer 7
— Internet Explorer 8
– Windows Server 2003 with SP2 for Itanium-based Systems
— Internet Explorer 6
— Internet Explorer 7
– Windows Vista Service Pack 2
— Internet Explorer 7
— Internet Explorer 8
— Internet Explorer 9
– Windows Vista x64 Edition Service Pack 2
— Internet Explorer 7
— Internet Explorer 8
— Internet Explorer 9
– Windows Server 2008 for 32-bit Systems Service Pack 2
— Internet Explorer 7
— Internet Explorer 8
— Internet Explorer 9 (Windows Server 2008 Server Core installation not affected)
– Windows Server 2008 for x64-based Systems Service Pack 2
— Internet Explorer 7
— Internet Explorer 8
— Internet Explorer 9 (Windows Server 2008 Server Core installation not affected)
– Windows Server 2008 for Itanium-based Systems Service Pack 2
— Internet Explorer 7
– Windows 7 for 32-bit Systems Service Pack 1
— Internet Explorer 8
— Internet Explorer 9
— Internet Explorer 10
– Windows 7 for x64-based Systems Service Pack 1
— Internet Explorer 8
— Internet Explorer 9
— Internet Explorer 10
– Windows Server 2008 R2 for x64-based Systems Service Pack 1
— Internet Explorer 8
— Internet Explorer 9
— Internet Explorer 10 (Windows Server 2008 R2 Server Core installation not affected)
– Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
— Internet Explorer 8
– Windows 8 for 32-bit Systems
— Internet Explorer 10
– Windows 8 for 64-bit Systems
— Internet Explorer 10
– Windows Server 2012
— Internet Explorer 10 (Windows Server 2012 Server Core installation not affected)
– Windows RT
— Internet Explorer 10
Impact: Remote Code Execution
Version Number: 1.0MS13-060
Affected Software:
– Windows XP Service Pack 3
– Windows XP Professional x64 Edition Service Pack 2
– Windows Server 2003 Service Pack 2
– Windows Server 2003 x64 Edition Service Pack 2
– Windows Server 2003 with SP2 for Itanium-based Systems
Impact: Remote Code Execution
Version Number: 1.0MS13-061
Affected Software:
– Microsoft Exchange Server 2007 Service Pack 3
– Microsoft Exchange Server 2010 Service Pack 2
– Microsoft Exchange Server 2010 Service Pack 3
– Microsoft Exchange Server 2013 Cumulative Update 1
– Microsoft Exchange Server 2013 Cumulative Update 2
Impact: Remote Code Execution
Version Number: 1.0MS13-062
Affected Software:
– Windows XP Service Pack 3
– Windows XP Professional x64 Edition Service Pack 2
– Windows Server 2003 Service Pack 2
– Windows Server 2003 x64 Edition Service Pack 2
– Windows Server 2003 with SP2 for Itanium-based Systems
– bWindows Vista Service Pack 2
– Windows Vista x64 Edition Service Pack 2
– Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)
– Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)
– Windows Server 2008 for Itanium-based Systems Service Pack 2
– Windows 7 for 32-bit Systems Service Pack 1
– Windows 7 for x64-based Systems Service Pack 1
– Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Windows Server 2008 R2 Server Core installation affected)
– Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
– Windows 8 for 32-bit Systems
– Windows 8 for 64-bit Systems
– Windows Server 2012 (Windows Server 2012 Server Core installation affected)
– Windows RT
Impact: Elevation of Privilege
Version Number: 1.0MS13-063
Affected Software:
– Windows XP Service Pack 3
– Windows Server 2003 Service Pack 2
– Windows Vista Service Pack 2
– Windows Vista x64 Edition Service Pack 2
– Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)
– Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)
– Windows Server 2008 for Itanium-based Systems Service Pack 2
– Windows 7 for 32-bit Systems Service Pack 1
– Windows 7 for x64-based Systems Service Pack 1
– Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Windows Server 2008 R2 Server Core installation affected)
– Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
– Windows 8 for 32-bit Systems
Impact: Elevation of Privilege
Version Number: 1.0MS13-064
Affected Software:
– Windows Server 2012 (Windows Server 2012 Server Core installation not affected)
Impact: Denial of Service
Version Number: 1.0MS13-065
Affected Software:
– Windows Vista Service Pack 2
– Windows Vista x64 Edition Service Pack 2
– Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)
– Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)
– Windows Server 2008 for Itanium-based Systems Service Pack 2
– Windows 7 for 32-bit Systems Service Pack 1
– Windows 7 for x64-based Systems Service Pack 1
– Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Windows Server 2008 R2 Server Core installation affected)
– Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
– Windows 8 for 32-bit Systems
– Windows 8 for 64-bit Systems
– Windows Server 2012 (Windows Server 2012 Server Core installation affected)
– Windows RT
Impact: Denial of Service
Version Number: 1.0MS13-066
Affected Software:
– Active Directory Federation Services 1.x when installed on Windows Server 2003 R2 Service Pack 2
– Active Directory Federation Services 1.x when installed on Windows Server 2003 R2 x64 Edition Service Pack 2
– Active Directory Federation Services 2.0 when installed on Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected)
– Active Directory Federation Services 1.x when installed on Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected)
– Active Directory Federation Services 2.0 when installed on Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected)
– Active Directory Federation Services 1.x when installed on Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected)
– Active Directory Federation Services 2.0 when installed on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Windows Server 2008 R2 Server Core installation not affected)
– Active Directory Federation Services 1.x when installed on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Windows Server 2008 R2 Server Core installation not affected)
– Active Directory Federation Services 2.1 when installed on Windows Server 2012 (Windows Server 2012 Server Core installation not affected)
Impact: Information Disclosure
Version Number: 1.0