Patch Priority Index for March 2013
|MS12-021||CVE-2013-1288, CVE-2013-0087, CVE-2013-0088|
|MS12-027||CVE-2013-1285, CVE-2013-1286, CVE-2013-1287|
|Oracle Security Alert for CVE-2013-1493||CVE-2013-1493, CVE-2013-0809|
|APSB13-09||CVE-2013-0646, CVE-2013-0650, CVE-2013-1371|
|MS13-024||CVE-2013-0080, CVE-2013-0083, CVE-2013-0084|
Tripwire’s March Patch Priority Index (PPI) brings together the top vulnerabilities from Microsoft, Adobe, and Oracle.
The last few months have seen non-Microsoft updates at the top of the list but this month's IE patch (with it’s public vulnerability), Silverlight, and USB hardware (due to the ability to affect locked machines) top the list this month. Further down the list we see the new Visio Viewer and SharePoint patches, along with last months VML update. For details on these bulletins, please see Tripwire's Monthly VERT Alert.
In between the Microsoft patches we have the Oracle Java update for the latest public Java vulnerability and the latest updates from Adobe. APSB13-09 is the latest Flash patch, which means Internet Explorer 10 users should apply the available Microsoft update as well. APSB13-07 is the latest update to Adobe Reader and Acrobat.
The final patch this month is another carry over from last month, giving us a third Adobe patch. If you didn’t apply APSB13-06, Adobe’s latest update for Shockwave, last month, make sure you apply it this month.