Zscaler, working with Microsoft through their MAPPs program has proactively deployed protections for the following vulnerability included in the November 27, 2013 Microsoft security bulletin . Zscaler will continue to monitor exploits associated with this vulnerability and release and deploy additional protections as necessary.
MSA-2914486 – Vulnerability in Microsoft Windows Kernel Could Allow Elevation of Privilege
CVE-2013-5065 – Vulnerability in NDProxy driver can lead to Code Execution
Description: There is a local authenticated vulnerability in the NDProxy driver that can lead to code execution in ring0 context. The vulnerability is an elevation of privilege vulnerability. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.
Zscaler ensures that more than 12 million employees at more than 5,000 enterprise and government organizations worldwide are protected against cyber attacks and data breaches while staying fully compliant with corporate and regulatory policies. Zscaler’s award-winning Security-as-a-Service platform delivers a safe and productive Internet experience for every user, from any device and from any location. Zscaler effectively moves security into the Internet backbone, operating in more than 100 data centers around the world and enabling organizations to fully leverage the promise of cloud and mobile computing with unparalleled and uncompromising protection and performance. Zscaler delivers unified, carrier-grade Internet security, advanced persistent threat (APT) protection, data loss prevention, SSL decryption, traffic shaping, policy management and threat intelligence–all without the need for on-premise hardware, appliances or software. To learn more, visit us at www.zscaler.com.
Chief Marketing Officer - Zscaler
Zscaler® and the Zscaler Logo are trademarks of Zscaler, Inc.
All other trademarks are the property of their respective firms.