Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Windows Print Spooler vulnerability could allow escalation of privilege


Report ID: MS201306004
Date Published: 25 June 2013

Criticality: Important
Compromise Type: privilege-escalation
Compromise From: unknown


Affected Product/Component:

Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2
Windows 8
Windows Server 2012
Windows RT




Summary

A vulnerability in Windows Print Spooler could be exploited into allowing an attacker to run code on an affected system with system privileges.



Detailed Description

Microsoft has issued a security update to address a vulnerability in Windows Print Spooler, which could be exploited into allowing an attacker to execute code with system privileges. The vulnerability was caused by improper memory handling when a printer connection is deleted.

This issue has been resolved through the latest update by correcting the way that Windows Print Spooler allocates memory when a printer connection is deleted. Users are recommended to install the update onto their system as a protection measure against possible exploit attempts.



CVE Reference

CVE-2013-1339



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms13-050)



Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.