Security Advisory

Microsoft Security Advisory 2819682

Published: March 26, 2013

Version: 1.0

Microsoft is announcing the availability of security updates for Windows Store applications running on Windows 8, Windows RT, and Windows Server 2012 (Windows Server 2012 Server Core installations are not affected). The updates address vulnerabilities that are detailed in the Knowledge Base articles associated with each update.

On March 26, 2013, Microsoft released a security update on the Windows Store for Windows Modern Mail. Microsoft recommends that customers running this software apply the update as soon as possible using the Windows Store Apps update feature. For more information about this update, see Microsoft Knowledge Base Article 2832006.

This update addresses the following vulnerability:

• Windows Modern Mail Spoofing Vulnerability (CVE-2013-1299)

  Severity: Moderate
  Acknowledgement: Microsoft thanks Alex Wolff of BrownWolff for reporting this vulnerability.
  Additional information: To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2013-1299.

• You can provide feedback by completing the Microsoft Help and Support form, Customer Service Contact Us.

• Customers in the United States and Canada can receive technical support from Security Support. For more information about available support options, see Microsoft Help and Support.
• International customers can receive support from their local Microsoft subsidiaries. For more information about how to contact Microsoft for international support issues, visit International Support.
• Microsoft TechNet Security provides additional information about security in Microsoft products.

The information provided in this advisory is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

• V1.0 (March 26, 2013): Announced availability of update 2832006 for Windows Modern Mail.

Built at 2014-04-18T13:49:36Z-07:00