Patch Priority Index for May 2013
|MS13-037||CVE-2013-0811, CVE-2013-1306, CVE-2013-1307|
|APSB13-14||CVE-2013-2728, CVE-2013-3324, CVE-2013-3325|
|APSB13-15||CVE-2013-2549, CVE-2013-2550, CVE-2013-2718|
|MS13-042||CVE-2013-1316, CVE-2013-1317, CVE-2013-1318|
|MS Security Advisory 2846338||CVE-2013-1346|
|Oracle Java April CPU||CVE-2013-2383, CVE-2013-2384, CVE-2013-1569|
|MS13-046||CVE-2013-1332, CVE-2013-1333, CVE-2013-1334|
Tripwire’s May Patch Priority Index (PPI) brings together the top vulnerabilities from Microsoft, Adobe and Oracle.
The last few months have seen non-Microsoft updates at the top of the list but this month's IE patch (with it's public vulnerability), Silverlight, and USB hardware (due to the ability to affect locked machines) top the list this month. Further down the list we see the new Visio Viewer and SharePoint patches, along with last months VML update. For details on these bulletins, please see Tripwire's Monthly VERT Alert
In between the Microsoft patches we have the Oracle Java update for the latest public Java vulnerability and the latest updates from Adobe. APSB13-09 is the latest Flash patch, which means Internet Explorer 10 users should apply the available Microsoft update as well. APSB13-07 is the latest update to Adobe Reader and Acrobat.
The final patch this month is another carry over from last month, giving us a third Adobe patch. If you didn't apply APSB13-06, Adobe's latest update for Shockwave, last month, make sure you apply it this month.