(MS13-019) Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege (2790113)
Publish Date: 13 février 2013
Gravité: : Élevé
Identifiant(s) CVE: : CVE-2013-0076
Date du conseil: 13 février 2013
Description
This patch addresses a vulnerability found in Microsoft Windows, which could allow elevation of privilege once a remote attacker logs and runs a specially crafted application on the system. Note, however that remote attackers need to log on locally to be able to exploit this.
Solutions
Affected software and version:
- Windows 7 for 32-bit Systems
- Windows 7 for 32-bit Systems Service Pack 1
- Windows 7 for x64-based Systems
- Windows 7 for x64-based Systems Service Pack 1
- Windows Server 2008 R2 for x64-based Systems
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Windows Server 2008 R2 for Itanium-based Systems
- Windows Server 2008 R2 for Itanium-based Systems Service Pack 1