CVE-2014-4113

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version Windows Server 2003 SP2 Windows Vista SP2 Windows Server 2008 SP2 and R2 SP1 Windows 7 SP1 Windows 8 Windows 8.1 Windows Server 2012 Gold and R2 Windows RT Gold and 8.1

Description The issue is related to the improper handling of objects in memory by the kernel-mode driver in Windows, allowing an attacker to gain privileges via a crafted application. This could enable the attacker to run arbitrary code in kernel mode, install programs, view, change, or delete data, or create new accounts with full administrative rights. The vulnerability has been exploited in the wild.

Recommendations For Windows Server 2003 SP2, update to a newer version to mitigate the risk. For Windows Vista SP2, update to a newer version to mitigate the risk. For Windows Server 2008 SP2 and R2 SP1, update to a newer version to mitigate the risk. For Windows 7 SP1, update to a newer version to mitigate the risk. For Windows 8, update to a newer version to mitigate the risk. For Windows 8.1, update to a newer version to mitigate the risk. For Windows Server 2012 Gold and R2, update to a newer version to mitigate the risk. For Windows RT Gold and 8.1, update to a newer version to mitigate the risk. As a temporary workaround, consider disabling the SeDebugPrivilege privilege until a patch is available. Restrict access to the win32k.sys driver to minimize the risk of exploitation. Avoid using the winlogon API until the issue is resolved.