PT-2013-4718 · Microsoft · Windows Vista+5
Published
2013-10-09
·
Updated
2024-10-17
·
CVE-2013-3888
CVSS v3.1
8.4
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Microsoft Windows Vista SP2
Microsoft Windows Server 2008 SP2
Microsoft Windows Server 2008 R2 SP1
Microsoft Windows 7 SP1
Description
An elevation of privilege issue exists due to improper handling of objects in memory by the Microsoft DirectX graphics kernel subsystem. This could allow an attacker to run arbitrary code in kernel mode, enabling them to install programs, view, change, or delete data, or create new accounts with full administrative rights.
Recommendations
For Microsoft Windows Vista SP2, update to a newer version that contains a fix for this issue.
For Microsoft Windows Server 2008 SP2, update to a newer version that contains a fix for this issue.
For Microsoft Windows Server 2008 R2 SP1, update to a newer version that contains a fix for this issue.
For Microsoft Windows 7 SP1, update to a newer version that contains a fix for this issue.
Fix
Time Of Check To Time Of Use
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Directx
Windows
Windows 7
Windows Server 2008
Windows Server 2008 R2
Windows Vista