Patch Summary Webinar February 14

Patch Overview January/February

Wolfgang Kandek, Qualys, Inc

February 14, 2012

January Patches• Microsoft January 8: 7 bulletins – MS13-001-MS13-007

• 2 critical, 5 important

• XML MS13-002



• XML MS13-002

• Adobe Reader - January 8



• XML MS13-002


• Oracle Java 0-day - January 13

• First announced on January 10 – Java 7 update 11



• XML MS13-002




• Microsoft 0-day Internet Explorer – January 14

• In the wild as of Dec 22

• MS13-008



• XML MS13-002




• Microsoft 0-day Internet Explorer – January 14

• In the wild as of Dec 22

• MS13-008

• Oracle Critical Patch Update – January 15

• MySQL, RDBMS, Fusion, ERP, CRM, VirtualBox, …

• 80 vulnerabilities

February Patches• Oracle Java 0-day – February 1

• Exploit code in the wild – Java 7 update 13

• Java 6 now end of life




• Adobe Flash 0-day - Febuary 7

• Windows and Macintosh






• Microsoft February 12: 12 bulletins MS13-009 - MS13-020


• Internet Explorer MS13-009 and MS13-010

• Exchange MS13-020










• Adobe Flash – Febuary 12




• Adobe Flash 0-day - February 7






• Adobe Flash – February 12

• Adobe Reader 0-day – February12

• In the wild – no patch yet

Patch Monitoring• Microsoft

• Apple

• Adobe

• Flash

• Reader

• Oracle Java

Patch Summary Webinar February 14

Technology

Transcript of Patch Summary Webinar February 14