Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Windows kernel vulnerability could allow information disclosure


Report ID: MS201306002
Date Published: 25 June 2013

Criticality: Important
Compromise Type: information-disclosure
Compromise From: remote


Affected Product/Component:

Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows 8




Summary

A vulnerability in the Windows kernel could lead to information disclosure.



Detailed Description

Microsoft has issued a security update to address an information disclosure vulnerability in the Windows kernel. The vulnerability was caused by improper handling of certain page fault system calls. An attacker could exploit this vulnerability into disclosing information from kernel memory on the local system, which could be used to further compromise the system.

This issue has been resolved through the update by correcting the way Windows handles certain page fault system calls. Users are recommended to install the latest update to protect their system from possible exploit attempts.



CVE Reference

CVE-2013-3136



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms13-048)




Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.