
Patched the vulnerabilities
The monthly release of a set of patches Microsoft has corrected a previously unknown Windows vulnerability that allows a potential attacker to compromise the security of your computer system using a normal USB-drive and a simple exploit.
Vulnerability MS13-027 – this is one of the seven bulletins issued by issued by the company a few days ago.
In addition, the company has released patches for browsers Internet Explorer 6-10, running operating systems Windows XP, Vista, 7, 8 and RT. Underwent corrective and plug Microsoft Silverlight, released as on Windows, and under Mac OS X. Third critically dangerous bug has been eliminated in the products included in the suite Microsoft Office, in particular in the Office Filter Pack and Visio. The fourth critical patch released for Microsoft Sharepoint and it affects only the business users of Microsoft.
The updates are available through Windows Update, critical fixes will be installed on supported systems automatically.
Vulnerability: privilege escalation Microsoft Windows
Danger: Low
Patch: Yes
Number of vulnerabilities: 3
CVE ID: CVE-2013-1285
CVE-2013-1286
CVE-2013-1287
Vector of operation: Local
Impact: Privilege escalation
Affected Products:
– Microsoft Windows XP Home Edition;
– Microsoft Windows XP Professional;
– Microsoft Windows Server 2003 Web Edition;
– Microsoft Windows Server 2003 Standard Edition;
– Microsoft Windows Server 2003 Enterprise Edition;
– Microsoft Windows Server 2003 Datacenter Edition;
– Microsoft Windows Storage Server 2003;
– Microsoft Windows Vista;
– Microsoft Windows Server 2008;
– Microsoft Windows 7;
– Microsoft Windows 8;
– Microsoft Windows Server 2012.
Affected versions:
– Microsoft Windows XP;
– Microsoft Windows 2003;
– Microsoft Windows Vista;
– Microsoft Windows 2008;
– Microsoft Windows 7;
– Microsoft Windows 2008 R2;
– Microsoft Windows 8;
– Microsoft Windows 2012.
Description:
Can be exploited by local users to gain escalated privileges on the target system.
1. An error in the processing of objects in memory in the USB driver. A local user can gain escalated privileges on the system.
2. An error in the processing of objects in memory in the USB driver. A local user can gain escalated privileges on the system.
3. An error in the processing of objects in memory in the USB driver. A local user can gain escalated privileges on the system.
Solution: Install the update from the manufacturer.
Links:
MS13-027: Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege (2807986) – http://technet.microsoft.com/en-us/security/bulletin/ms13-027