Zenith Live is coming to Europe in October. Join us! Learn More
Zenith Live is coming to Europe in October. Join us!
Learn More

Zero trust security

Make it possible

Your Mission

 

Security Advisory - December 10, 2013

Zscaler Protects against Memory Corruption in Internet Explorer, WinVerifyTrust, and Use-After-Free in Scripting Runtime Object Library Vulnerabilities

 

 

Zscaler, working with Microsoft through their MAPPs program, has proactively deployed protections for the following 7 vulnerabilities included in the December 2013 Microsoft security bulletins.  Zscaler will continue to monitor exploits associated with all vulnerabilities in the December release and deploy additional protections as necessary.

MS13-097Multiple Memory Corruption Vulnerabilities in Internet Explorer
Severity: Critical
Affected Software

  • Internet Explorer 6-11

CVE-2013-5047 – Internet Explorer Memory Corruption Vulnerability
CVE-2013-5048 – Internet Explorer Memory Corruption Vulnerability
CVE-2013-5049 – Internet Explorer Memory Corruption Vulnerability
CVE-2013-5051 – Internet Explorer Memory Corruption Vulnerability
CVE-2013-5052 – Internet Explorer Memory Corruption Vulnerability

Description: Remote code execution vulnerabilities exist when Internet Explorer improperly accesses objects in memory. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

MS13-098WinVerifyTrust Signature Validation
Severity: Critical
Affected Software

  • Windows XP (All Versions)
  • Microsoft Server 2003 (All Versions)
  • Microsoft Vista (All Versions)
  • Microsoft Server 2008 (All Versions)
  • Windows 7 (All Versions)
  • Windows 8 (All Versions)
  • Windows Server 2012 (All Versions)

CVE-2013-3900 – WinVerifyTrust Signature Validation Vulnerability

MS13-099Use-After-Free Vulnerability in Microsoft Scripting Runtime Object Library
Severity: Critical
Affected Software

  • Windows XP (All Versions)
  • Microsoft Server 2003 (All Versions)
  • Microsoft Vista (All Versions)
  • Microsoft Server 2008 (All Versions)
  • Windows 7 (All Versions)
  • Windows 8 (All Versions)
  • Windows Server 2012 (All Versions)

CVE-2013-5056 – Use-After-Free Vulnerability in Microsoft Scripting Runtime Object Library

Description: This is a remote code execution vulnerability in the Microsoft Scripting Runtime Object Library. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

MSA-2914486Vulnerability in Microsoft Windows Kernel Could Allow Elevation of Privilege

Severity: Critical
Affected Software

  • Windows XP (All Versions)
  • Windows Vista (All Versions)
  • Windows 7 (All Versions)
  • Windows 8 (All Versions)
  • Windows Server 2003/2008

CVE-2013-5065Vulnerability in NDProxy driver can lead to Code Execution

Description: There is a local authenticated vulnerability in the NDProxy driver that can lead to code execution in ring0 context. The vulnerability is an elevation of privilege vulnerability. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.