On May 14, 2013, Microsoft released its scheduled patch update for May 2013. This month's update covers vulnerabilities in the Microsoft Windows operating system, Internet Explorer, Microsoft .NET Framework, Microsoft Lync, Microsoft Office, and Microsoft Windows Essentials. Ten security bulletins have been released to address these issues.
This month's update addresses CVE-2013-1347, a zero-day vulnerability that was seen in the wild as part of a watering hole attack.
Customers are advised to install all applicable updates as soon as possible.
Microsoft Security Bulletin Summary for May 2013
New Internet Explorer 8 Zero-Day Used in Watering Hole Attack
Microsoft Internet Explorer CVE-2013-1347 Use-After-Free Remote Code Execution Vulnerability