Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
thnMohit KumarTHN:3FCFA5CBD357708BA46B300C9DED3EF1
HistoryJul 07, 2013 - 8:41 a.m.

Microsoft to patch Six critical Remote Code Execution vulnerabilities this Tuesday

2013-07-0708:41:00
Mohit Kumar
thehackernews.com
52

0.001 Low

EPSS

Percentile

24.3%

JSON

Microsoft has announced Patch Tuesday for this July Month, with seven bulletins. Out of that, one is important kernel privilege escalation flaw and six critical Remote Code Execution vulnerabilities.

Patch will address vulnerabilities in Microsoft Windows, .Net Framework, Silverlight and will apply to all versions of Internet Explorer from IE6 on Windows XP to IE10 on Windows 8.

Often targeted by attackers to perform drive-by malware download attacks, remote code execution flaws allow an attacker to crash an application and launch malware payloads often without any sort of notification or interaction form the user.

The Windows 8 maker is also patching a kernel vulnerability disclosed at the beginning of June by Google researcher Tavis Ormandy. The issue is to do with Windows kernel’s EPATHOBJ::pprFlattenRec function (CVE-2013-3660) and after Ormandy released the exploit code, Metasploit module was developed to exploit the bug.

The company is planning to release the update on 9 July. As usual, all fixes will be delivered via the integrated Windows Update, so no user interaction is needed.

Related

thn 2
threatpost 2
prion 2
cvelist 1
msrc 1
attackerkb 1
cisa_kev 1
metasploit 1
seebug 1
packetstorm 1
cve 2
nessus 2
exploitdb 1
ibm 1
openvas 2
securityvulns 1
thn
thn
Beware! Cyber Criminals Spreading Click Fraud Trojan for Making Money
2014-05-11 04:42:00
Microsoft to patch Six critical Remote Code Execution vulnerabilities this Tuesday
2013-07-07 19:41:00
threatpost
threatpost
July 2013 Microsoft Patch Tuesday Security Updates
2013-07-08 09:45:16
TrueType Font Flaws in July 2013 Microsoft Patch Tuesday
2013-07-09 16:03:22
prion
prion
Design/Logic Flaw
2013-05-24 20:55:00
Design/Logic Flaw
2013-05-30 14:55:00
cvelist
cvelist
CVE-2013-3660
2013-05-24 20:00:00
msrc
msrc
Advance Notification Service for July 2013 Security Bulletin Release
2013-07-04 07:00:00
attackerkb
attackerkb
CVE-2013-3660
2013-05-24 00:00:00
cisa_kev
cisa_kev
Microsoft Win32k Privilege Escalation Vulnerability
2022-03-28 00:00:00
metasploit
metasploit
Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation
2013-09-12 19:36:01
seebug
seebug
Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation
2014-07-01 00:00:00
packetstorm
packetstorm
Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation
2013-07-01 00:00:00
cve
cve
CVE-2013-3660
2013-05-24 20:55:00
CVE-2013-3130
2013-05-30 14:55:00
nessus
nessus
Microsoft Windows Kernel Win32k.sys PATHRECORD chain Multiple Vulnerabilities
2013-06-12 00:00:00
MS13-053: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Remote Code Execution (2850851)
2013-07-10 00:00:00
exploitdb
exploitdb
Microsoft Windows - 'EPATHOBJ::pprFlattenRec' Local Privilege Escalation (Metasploit)
2013-07-02 00:00:00
ibm
ibm
Security Bulletin: Libxml2 vulnerabilities in Network Intrusion Prevention System (CVE-2014-0191, CVE-2013-2877, CVE-2014-3660, CVE-2013-5211)
2022-02-23 19:48:26
openvas
openvas
Microsoft Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2850851)
2013-07-10 00:00:00
MS Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2850851)
2013-07-10 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2013-07-29 00:00:00

0.001 Low

EPSS

Percentile

24.3%

JSON
Related for THN:3FCFA5CBD357708BA46B300C9DED3EF1
thn2threatpost2prion2cvelist1msrc1attackerkb1cisa_kev1metasploit1seebug1packetstorm1cve2nessus2exploitdb1ibm1openvas2securityvulns1