homepage Welcome to WebmasterWorld Guest from 107.20.37.62
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Visit PubCon.com
Home / Forums Index / Microsoft / Deprecated - Microsoft Windows OS (XP/NT/Vista)
Forum Library, Charter, Moderators: bill

Deprecated - Microsoft Windows OS (XP/NT/Vista) Forum

    
MS Windows Local Privilege Escalation Zero-Day in The Wild
bill




msg:4626865
 3:35 am on Nov 30, 2013 (gmt 0)

http://www.fireeye.com/blog/technical/cyber-exploits/2013/11/ms-windows-local-privilege-escalation-zero-day-in-the-wild.html [fireeye.com]


MS Windows Local Privilege Escalation Zero-Day in The Wild


FireEye Labs has identified a new Windows local privilege escalation vulnerability in the wild. The vulnerability cannot be used for remote code execution but could allow a standard user account to execute code in the kernel. Currently, the exploit appears to only work in Windows XP.

This local privilege escalation vulnerability is used in-the-wild in conjunction with an Adobe Reader exploit that appears to target a patched vulnerability. The exploit targets Adobe Reader 9.5.4, 10.1.6, 11.0.02 and prior on Windows XP SP3. Those running the latest versions of Adobe Reader should not be affected by this exploit.

...

Mitigations

The following actions will protect users from the in-the-wild PDF exploit:
  1. Upgrade to the latest Adobe Reader
  2. Upgrade to Microsoft Windows 7 or higher

 

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Microsoft / Deprecated - Microsoft Windows OS (XP/NT/Vista)
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved