Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Windows Print Spooler vulnerability could allow remote code execution


Report ID: MS201301001
Date Published: 10 January 2013

Criticality: Critical
Compromise Type: remote-code-execution
Compromise From: remote


Affected Product/Component:

Windows 7
Windows Server 2008 R2




Summary

A vulnerability in Microsoft Windows Print Spooler might lead to a memory corruption condition, which an attacker could use to execute code on an affected system.



Detailed Description

Microsoft has released a security update to address a vulnerability in Windows Print Spooler, which was caused by the component's failure in handling a specially crafted print job. This failure may lead to a memory corruption condition that an attacker could use to execute arbitrary code and take control of a compromised system.

The vulnerability has been addressed in the latest security update by correcting the way of handling print jobs. Users are recommended to install the update onto their system as a protection measure against potential exploit attempts.



CVE Reference

CVE-2013-0011



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms13-001)




Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.