Members
  • Total Members: 12818
  • Latest: martin
Stats
  • Total Posts: 28536
  • Total Topics: 8240
  • Online Today: 1005
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: Windows XP, 2003 Server: Product Coverage and Mitigation for CVE-2013-5065  (Read 573 times)

0 Members and 1 Guest are viewing this topic.

Pez

  • SCF VIP Member
  • *****
  • Posts: 723
  • KARMA: 116
  • Gender: Male
  • Pez
Windows XP, 2003 Server: Product Coverage and Mitigation for CVE-2013-5065

On November 27th, 2013, Microsoft published Security Advisory 2914486, which coverers a elevation of privilege vulnerability in certain versions of Windows XP and Windows Server 2003.

The flaw lies in the NDProxy component of the windows kernel.  Note, exploitation requires that an attacker holds local login credentials.

This threat is currently being exploited in limited and targeted attacks.  Functional exploitation and malware artifacts have been identified in the wild.

 
Remediation / Mitigation

Microsoft
Microsoft has provided a workaround to address this issue. Details are available at:

http://technet.microsoft.com/en-us/security/advisory/2914486
 

McAfee Labs
The following McAfee products / content provide coverage

McAfee Vulnerability Manager
 McAfee MVM / FSL Content Release of 11/28/2013
McAfee Antivirus
 Coverage is provided in the 7276 DATs, released on 12/1/2013
 Name – Exploit-CVE2013-5065

 
Further reading:
Analyzing the Recent Windows Zero-Day Escalation of Privilege Exploit


Original article: By Jim Walter on Dec 12, 2013
Their is two easy way to configure a system!
Every thing open and every thing closed.
Every thing else is more or less complex.

Start Turfing ! http://scforum.info/index.php/topic,8405.msg21475.html#msg21475

Samker's Computer Forum - SCforum.info





 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising