Microsoft released eight (8) bulletins. Three of the bulletins are identified as Critical with the remaining five bulletins rated Important.
The updates address vulnerabilities in Internet Explorer and Microsoft Windows. Please refer to the MSRC Blog post,
Authenticity and the November 2013 Security Updates, for additional information about the updates, including the update to EMET and a new policy for CA's (Certificate Authorities).
The update in MS13-090 addresses CVE-2013-3918 which affects an Internet Explorer ActiveX Control which was publicly disclosed.
Details about the updates as well as links to additional references are available in my blog post at
Microsoft Security Updates for November 2013.
