Patch Priority Index for March 2013

Bulletin CVE
MS12-021 CVE-2013-1288, CVE-2013-0087, CVE-2013-0088
MS12-022 CVE-2013-0074
MS12-027 CVE-2013-1285, CVE-2013-1286, CVE-2013-1287
Oracle Security Alert for CVE-2013-1493 CVE-2013-1493, CVE-2013-0809
APSB13-09 CVE-2013-0646, CVE-2013-0650, CVE-2013-1371
APSB13-07 CVE-2013-0640, CVE-2013-641
MS13-023 CVE-2013-0079
MS13-024 CVE-2013-0080, CVE-2013-0083, CVE-2013-0084
MS13-010 CVE-2013-0030
APSB13-06 CVE-2013-0635, CVE-2013-0636

Tripwire’s March Patch Priority Index (PPI) brings together the top vulnerabilities from Microsoft, Adobe, and Oracle.

The last few months have seen non-Microsoft updates at the top of the list but this month's IE patch (with it’s public vulnerability), Silverlight, and USB hardware (due to the ability to affect locked machines) top the list this month. Further down the list we see the new Visio Viewer and SharePoint patches, along with last months VML update. For details on these bulletins, please see Tripwire's Monthly VERT Alert.

In between the Microsoft patches we have the Oracle Java update for the latest public Java vulnerability and the latest updates from Adobe. APSB13-09 is the latest Flash patch, which means Internet Explorer 10 users should apply the available Microsoft update as well. APSB13-07 is the latest update to Adobe Reader and Acrobat.

The final patch this month is another carry over from last month, giving us a third Adobe patch. If you didn’t apply APSB13-06, Adobe’s latest update for Shockwave, last month, make sure you apply it this month.