Security Advisory - November 27, 2013
Zscaler Protects Against Vulnerability in NDProxy driver can lead to Code Execution
Zscaler, working with Microsoft through their MAPPs program has proactively deployed protections for the following vulnerability included in the November 27, 2013 Microsoft security bulletin . Zscaler will continue to monitor exploits associated with this vulnerability and release and deploy additional protections as necessary.
MSA-2914486 – Vulnerability in Microsoft Windows Kernel Could Allow Elevation of Privilege
- Windows XP (All Versions)
- Windows Vista (All Versions)
- Windows 7 (All Versions)
- Windows 8 (All Versions)
- Windows Server 2003/2008
CVE-2013-5065 – Vulnerability in NDProxy driver can lead to Code Execution
Description: There is a local authenticated vulnerability in the NDProxy driver that can lead to code execution in ring0 context. The vulnerability is an elevation of privilege vulnerability. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.