Live Global Events: Secure, Simplify, and Transform Your Business.

Zscaler Security Advisories

Security Advisory - November 27, 2013

Zscaler Protects Against Vulnerability in NDProxy driver can lead to Code Execution

Zscaler, working with Microsoft through their MAPPs program has proactively deployed protections for the following vulnerability included in the November 27, 2013 Microsoft security bulletin .  Zscaler will continue to monitor exploits associated with this vulnerability and release and deploy additional protections as necessary.

MSA-2914486Vulnerability in Microsoft Windows Kernel Could Allow Elevation of Privilege

Severity: Critical
Affected Software

  • Windows XP (All Versions)
  • Windows Vista (All Versions)
  • Windows 7 (All Versions)
  • Windows 8 (All Versions)
  • Windows Server 2003/2008

CVE-2013-5065Vulnerability in NDProxy driver can lead to Code Execution

Description: There is a local authenticated vulnerability in the NDProxy driver that can lead to code execution in ring0 context. The vulnerability is an elevation of privilege vulnerability. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.