Assessing risk for the January 2014 security updates

Today we released four security bulletins addressing six CVE’s. All four bulletins have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin...

MS14-003: Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2913602)

The remote host contains a flaw in the way the Windows kernel handles thread-owned window handle objects. Successful exploitation could allow a local attacker to take complete control of an affected system. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid71943;...

Windows Manage Driver Loader

This module loads a KMD Kernel Mode Driver using the Windows Service API. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SERVICEDEMANDSTART', 'boot' = 'SERVICEBOOTSTART', 'auto' =...

PT-2013-4717 · Microsoft · Windows Server 2003 +7

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows Vista SP2 Microsoft Windows Server 2008 SP2 and R2 SP1 Microsoft Windows 7 SP1 Microsoft Windows 8 Microsoft Windows Server 2012 Description: An information disclosu...

CVE-2013-3128

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5, allow remote attackers to execute arbitra...

CVE-2013-3881

The CVE-2013-3881 issue, described as Win32k NULL Page Vulnerability, affects Windows 7 SP1 and Windows Server 2008 R2 SP1 via win32k.sys. Connected sources provide concrete details: an elevation of privilege vulnerability where local attackers can gain full control by crafting an application tha...

PT-2013-4711 · Microsoft · Windows Xp +8

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 and SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 and R2 SP1 Microsoft Windows 7 version SP1 Microsoft Windows 8 Microsoft Window...

CVE-2013-1341

CVE-2013-1341 affects the Windows kernel component win32k.sys (kernel-mode drivers) and allows local privilege escalation via a crafted application on several Windows families. Affected: Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8. Root cause: ...

Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2876315)

This host is missing an important security update according to Microsoft Bulletin MS13-076. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Windows Kernel 'Win32k.sys'本地权限提升漏洞(CVE-2013-3167)

BUGTRAQ ID: 60949 CVECAN ID: CVE-2013-3167 Microsoft Windows是微软公司推出的一系列操作系统。 Windows 内核模式驱动程序不正确地处理内存对象的方式中存在一个信息泄露漏洞，可能导致特权提升。 0 Microsoft Windows Windows XP Service Pack 3 Microsoft Windows Windows Vista x64 Edition Serv Microsoft Windows Windows Vista Service Pack 2 Microsoft Windows Windows...

PT-2013-3095 · Microsoft · Windows Xp +8

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 version SP1 Microsoft Windows 8 Microsof...

Microsoft Windows Kernel-Mode Driver Denial of Service Vulnerability (2845690)

This host is missing an important security update according to Microsoft Bulletin MS13-049. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2013-3660

The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 does not properly initialize a pointer for the next...

Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2840221)

This host is missing an important security update according to Microsoft Bulletin MS13-046. OpenVAS Vulnerability Test $Id: secpodms13-046.nasl 5346 2017-02-19 08:43:11Z cfi $ Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities 2840221 Authors: Arun Kallavi Copyright:...

MS13-046: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2840221)

The Windows kernel on the remote host has the following vulnerabilities : - A privilege escalation vulnerability exists in the Microsoft DirectX graphics kernel subsystem. CVE-2013-1332 - A privilege escalation vulnerability exists in the Windows kernel-mode driver. CVE-2013-1333, CVE-2013-1334 A...

CVE-2013-1285

The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to...

CVE-2013-1266

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kerne...

PT-2013-3007 · Microsoft · Windows Xp +8

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 versions Gold through SP1 Microsoft...

MS13-005: Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2778930)

The remote host contains a flaw in the way the Windows kernel handles window broadcast messages. Successful exploitation could allow an attacker to take complete control of an affected system. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid63423; scriptversion"1.15";...

CVE-2012-2556

CVE-2012-2556 : OpenType Font (OTF) parsing vulnerability in Windows kernel‑mode drivers allows remote code execution via a crafted font file. Affected: Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, Windows 8, Server 2012, Windows RT. Root cause: improper hand...