PT-2013-4196 · Microsoft · Windows Vista+6
Published
2013-07-09
·
Updated
2023-12-07
·
CVE-2013-3167
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Windows XP versions SP2 through SP3
Windows Server 2003 version SP2
Windows Vista version SP2
Windows Server 2008 versions SP2 through R2 SP1
Windows 7 version SP1
Description
The issue is related to the improper handling of objects in memory by the Windows kernel-mode driver, which could lead to elevation of privilege. This is due to the way the
win32k.sys driver handles memory.Recommendations
For Windows XP versions SP2 through SP3, update to a newer version to mitigate the risk.
For Windows Server 2003 version SP2, update to a newer version to mitigate the risk.
For Windows Vista version SP2, update to a newer version to mitigate the risk.
For Windows Server 2008 versions SP2 through R2 SP1, update to a newer version to mitigate the risk.
For Windows 7 version SP1, update to a newer version to mitigate the risk.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windows
Windows 7
Windows Server 2003
Windows Server 2008
Windows Vista
Windows Xp
Win32K.Sys