Windows Service Control Manager vulnerability could allow escalation of privilege
Report ID: MS201309011
Date Published: 11 September 2013
Criticality: Important
Compromise Type: privilege-escalation
Compromise From: remote
Affected Product/Component:
Windows 7
Windows Server 2008 R2
Summary
A vulnerability in Windows Service Control Manager (SCM) could allow an attacker to execute code on an affected system within the context of the Service Control Manager (service.exe).
Detailed Description
Microsoft has released a security update to address a vulnerability in the Windows Service Control Manager (SCM). The vulnerability was caused when SCM retrieves a corrupted service description from the Windows registry, resulting in "double-free" condition. An attacker who successfully exploited this vulnerability could be able to execute code in the context of the Service Control Manager (service.exe).
The vulnerability has been patched through the latest security update which corrected the way that SCM handles objects in memory when presented with corrupted service description. Users are recommended to install the update onto their system as a protection measure against exploit attempts.
CVE Reference
CVE-2013-3862
Solution
Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms13-077)
F-Secure Health Check
F-Secure's free tool, the Health Check, detects if your system is missing the patch for the vulnerability covered in this report.
