Microsoft released the January 2013 security bulletin

Microsoft pushed the first security bulletin in January 2013 for global users, with a total of 7 patches, of which 2 security patches were rated at the highest level "serious> , involving Windows, Office, developer tools, Server software and other products.

1. Vulnerability in Windows Print Spooler component could allow remote code execution Security Bulletin: MS13-001 Level: Critical Knowledge Base Number: KB2769369 Abstract: This security update resolves a privately reported vulnerability in Windows. The vulnerability could allow remote code execution if the print server receives a specially crafted print job. Using firewall best practices and standard default firewall configurations helps protect the network from attacks originating outside the enterprise. As a best practice, the number of ports exposed by systems directly connected to the Internet should be as small as possible. Impact System: Windows 7, Windows Server 2008 R2

2. Vulnerabilities in Microsoft XML Core Services could allow remote code execution Security Bulletin: MS13-002 Level: Critical KB Number: KB2756145 Abstract: This security update is resolved Two privately reported vulnerabilities in Microsoft XML Core Services. If a user views a specially crafted webpage using Internet Explorer, all vulnerabilities could allow remote code execution. However, an attacker cannot force a user to visit such a website. Instead, an attacker would have to convince a user to visit the site, typically by having the user click a link in an email or Instant Messenger message to link the user to the attacker's website. Affect the system: Windows XP, Windows Vista, Windows 7, Windows 8, and Windows RT

3. Vulnerabilities in System Center Operations Manager may allow elevation of privilege Security Bulletin: MS13-003 Level: Important Knowledge Base Number: KB2748552 Summary: This security update resolves two privately reported vulnerabilities in Microsoft System Center Operations Manager. These vulnerabilities could allow elevation of privilege if a user accesses an affected website through a specially crafted URL. However, an attacker cannot force a user to visit such a website. Instead, an attacker would have to convince a user to visit the site, typically by having the user click a link in an email or Instant Messenger message to link the user to the affected site. Impact Software: Microsoft System Center Operations Manager 2007

Vulnerabilities in the .NET Framework Could Allow Elevation of Privilege Security Bulletin: MS13-004 Level: Important KB Q: KB2769324 Abstract: This security update resolves .NET Four Secretly Reported Vulnerabilities in the Framework The most severe of these vulnerabilities could allow elevation of privilege if a user views a specially crafted web page using a web browser that can run the XAML Browser Application (XBAP). Windows .NET applications may also use this vulnerability to bypass code access security (CAS) restrictions. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the logged in user. Users whose accounts are configured to have fewer system user rights are less affected than users with administrative user rights. Impact software: .NET Framework 1.0, .NET Framework 1.1, .NET Framework 2.0, .NET Framework 3.5, .NET Framework 3.5.1, .NET Framework 4, and .NET Framework 4.5

5, Windows kernel mode Vulnerabilities in Drivers Could Allow Elevation of Privilege Security Bulletin: MS13-005 Level: Important KB Content: KB2778930 Abstract: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker runs a specially crafted application. Impact System: Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, and Windows RT

6. Vulnerabilities in Microsoft Windows may allow security features to be bypassed Security Bulletin: MS13 -006 Level: Important KB Content: KB2785220 Abstract: This security update resolves a privately reported vulnerability in the SSL and TLS implementation of Microsoft Windows. The vulnerability could allow security features to bypass if an attacker intercepts an encrypted web communication handshake. Impact System: Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, and Windows RT

7. Vulnerabilities in Open Data Protocols may allow denial of service Security Bulletin: MS13- 007 Level: Important Knowledge Base Number: KB2769327 Abstract: This security update resolves a privately reported vulnerability in the Open Data (OData) protocol. The vulnerability could allow denial of service if an unauthenticated attacker sends a specially crafted HTTP request to an affected website. Using firewall best practices and standard default firewall configurations helps protect the network from attacks originating outside the enterprise. As a best practice, keep the number of ports exposed to the system connected to the Internet as small as possible. Impact software: .NET Framework 3.5, .NET Framework 3.5, .NET Framework 3.5.1, and .NET Framework 4