virus logo Intrusion Prevention

Microsoft.Windows.Could.Allow.Remote.Code.Execution.MS13-098

description-logoDescription

Microsoft security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user or application runs or installs a specially crafted, signed portable executable (PE) file on an affected system.
Microsoft has addressed this issue in its security advisory: https://technet.microsoft.com/en-us/security/bulletin/ms13-098 .

affected-products-logoAffected Products

Windows XP
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows 8 for 32-bit Systems
Windows 8 for x64-based Systems
Windows 8.1 for 32-bit Systems
Windows 8.1 for x64-based Systems
Windows Server 2012
Windows Server 2012 R2
Windows RT
Windows RT 8.1
Server Core installation option
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2 (Server Core installation)

Impact logoImpact

The vulnerable system can be compromised by a remote attacker to retrieve content or modify application setting on the system. Therefore there is a risk of creating a denial of service scenario, exposing sensitive information or executing arbitrary code.

recomended-action-logoRecommended Actions

Please apply patches and work around as instructed in https://technet.microsoft.com/en-us/security/bulletin/ms13-098 .

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 37682
Created Dec 17, 2013
Updated Dec 17, 2013
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Known Exploited Yes
Exploit Prediction Score 81.25%
Default Action Unavailable
Active
Profile Type N/A