5. March Patches
• Microsoft March 12: 7 bulletins – MS13-021 to MS13-027
  • 4 critical, 3 important
  • Internet Explorer MS13-021 – Metasploit available
  • USB MS13-027 – “Evil Maid” attack
• Adobe Flash – 4 critical
• Oracle Java 0-day – March 4: Java v7u17
• CanSecWest – Pwn2Own Competition
  • Oracle Java 4x US$20,000
  • Chrome, Firefox, Internet Explorer – each US$100,000
  • Adobe Flash and Reader – each US$70,000
8. April Patches
• Microsoft April 9: 9 bulletins – MS13-028 to MS13-036
  • 2 critical, 7 important
  • Internet Explorer MS13-028
  • RDP ActiveX MS13-029
  • No Pwn2Own
• Adobe Flash – 4 critical
  • Pwn2Own – but not Adobe Reader
• Oracle Java Scheduled Patch Day – April 16
  • Out-of-band scheduled
  • Java 6 now end of life
  • Pwn2Own unlikely
14. March/April Patch related
EMET – Enhanced Mitigation Experience Toolkit
• Straitjacket for Windows programs
• Checks for often abused attack vectors
  • DEP, ASLR bypass, Heapspray, StackPivot, ROP
• Often cited by Microsoft as a valid mitigation technique
• V3.5
  • Manageable via GPO
  • Integration of BlueHat Prize Mitigation Technologies