In a follow up to Patch Tuesday, Microsoft has pulled a CVE from the list of issues fixes by MS13-080. Their comments on the issue are:
- Reason for Revision: V1.3 (October 10, 2013): Bulletin revised to remove CVE-2013-3871 from the vulnerabilities addressed by this update. Including this CVE in the original security bulletin text was a documentation error. CVE-2013-3871 is scheduled to be addressed in a future security update. This is an informational change only. Customers who have already successfully updated their systems do not need to take any action.
The removed issue is not one of the two known to be in active exploitation at this time.