Zscaler, working with Microsoft through their MAPPs program has proactively deployed protections for the following vulnerability included in the November 27, 2013 Microsoft security bulletin . Zscaler will continue to monitor exploits associated with this vulnerability and release and deploy additional protections as necessary.
MSA-2914486 – Vulnerability in Microsoft Windows Kernel Could Allow Elevation of Privilege
CVE-2013-5065 – Vulnerability in NDProxy driver can lead to Code Execution
Description: There is a local authenticated vulnerability in the NDProxy driver that can lead to code execution in ring0 context. The vulnerability is an elevation of privilege vulnerability. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.
Zscaler is transforming enterprise networking and security with the world’s largest Direct-to-Cloud Network, which securely enables the productivity benefits of cloud, mobile and social technologies without the cost and complexity of traditional on-premise appliances and software. The Zscaler Direct-to-Cloud Network processes daily more than 12 billion transactions from more than 12 million users in 180 countries across 100 global data centers with near-zero latency. Learn why more than 4,500 global enterprises choose Zscaler to enable end-user productivity, enforce security policy and streamline WAN performance. Visit us at www.zscaler.com
Sr. PR Manager - Zscaler
Office Phone: +1-408-786-9285
Zscaler® and the Zscaler Logo are trademarks of Zscaler, Inc. All other trademarks are the property of their respective firms.