===================================================================== CERT-Renater Note d'Information No. 2013/VULN344 _____________________________________________________________________ DATE : 14/08/2013 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Windows versions XP, Server 2003, Vista, Server 2008, 7, 8. ====================================================================== KB2859537 http://technet.microsoft.com/en-us/security/bulletin/ms13-063 ______________________________________________________________________ Microsoft Security Bulletin MS13-063 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2859537) Published Date: August 13, 2013 Version: 1.0 General Information Executive Summary This security update resolves one publicly disclosed vulnerability and three privately reported vulnerabilities in Microsoft Windows. The most severe vulnerabilities could allow elevation of privilege if an attacker logged on locally and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users. This security update is rated Important for supported 32-bit editions of Windows XP, Windows Server 2003, and Windows 8; and all supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. Affected Software Windows XP Service Pack 3 (2859537) Windows Server 2003 Service Pack 2 (2859537) Windows Vista Service Pack 2 (2859537) Windows Vista x64 Edition Service Pack 2 (2859537) Windows Server 2008 for 32-bit Systems Service Pack 2 (2859537) Windows Server 2008 for x64-based Systems Service Pack 2 (2859537) Windows Server 2008 for Itanium-based Systems Service Pack 2 (2859537) Windows 7 for 32-bit Systems Service Pack 1 (2859537) Windows 7 for x64-based Systems Service Pack 1 (2859537) Windows Server 2008 R2 for x64-based Systems Service Pack 1 (2859537) Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 (2859537) Windows 8 for 32-bit Systems(2859537) Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)(2859537) Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) (2859537) Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) (2859537) Vulnerability Information ASLR Security Feature Bypass Vulnerability - CVE-2013-2556 A security feature vulnerability exists in Windows due to improper implementation of Address Space Layout Randomization (ASLR). The vulnerability could allow an attacker to bypass the ASLR security feature, most likely during or in the course of exploiting a remote code execution vulnerability. The attacker could then load a DLL in the process. Windows Kernel Memory Corruption Vulnerabilities Elevation of privilege vulnerabilities exist in the Windows kernel due to a memory corruption condition in the NT Virtual DOS Machine (NTVDM). An attacker who successfully exploited these vulnerabilities could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. ====================================================================== ========================================================= Serveur de référence du CERT-Renater https://services.renater.fr/ssi/ ========================================================== + CERT-RENATER | tel : 01-53-94-20-44 + + 23 - 25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email: cert@support.renater.fr + ==========================================================