MS13-098: Vulnerability in Windows Could Allow Remote Code Execution (2893294)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a remote code execution
vulnerability.

Description :

The remote host contains a version of Microsoft Windows that is
affected by a remote code execution vulnerability. The vulnerability
exists in the way the WinVerifyTrust function handles Windows
Authenticode signature verification for portable executable (PE)
files. An attacker could modify an existing signed executable to add
malicious code without invalidating the signature. An attacker could
then convince a user to run this signed executable and gain complete
control of the system.
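
For triage, the following added example (not part of the Nessus plugin or of Microsoft's update) flags signed PE files that carry non-zero bytes after the DER-encoded signature inside a certificate table entry, a region the Authenticode hash does not cover. The function names and the "non-zero trailing bytes" heuristic are assumptions of this example, and the sample input is constructed, not a real signed binary.

```python
import struct

def cert_table(pe: bytes) -> tuple[int, int]:
    """Return (file offset, size) of the PE Certificate Table (data directory 4)."""
    pe_off = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[:2] != b"MZ" or pe[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    opt = pe_off + 24                                  # optional header start
    magic = struct.unpack_from("<H", pe, opt)[0]
    dirs = opt + {0x10B: 96, 0x20B: 112}[magic]        # PE32 / PE32+
    return struct.unpack_from("<II", pe, dirs + 4 * 8)

def der_len(buf: bytes) -> int:
    """Total encoded length of the DER SEQUENCE at the start of buf."""
    if len(buf) < 2 or buf[0] != 0x30:
        raise ValueError("signature blob is not a DER SEQUENCE")
    if buf[1] < 0x80:
        return 2 + buf[1]
    n = buf[1] & 0x7F
    if not 1 <= n <= 4 or len(buf) < 2 + n:
        raise ValueError("bad DER length")
    return 2 + n + int.from_bytes(buf[2:2 + n], "big")

def unsigned_cert_bytes(pe: bytes) -> list[tuple[int, bytes]]:
    """List (entry offset, trailing bytes) for entries with non-zero data after the DER blob."""
    off, size = cert_table(pe)
    end, findings = off + size, []
    while off + 8 <= end:
        length, _rev, _type = struct.unpack_from("<IHH", pe, off)  # WIN_CERTIFICATE header
        if length < 8 or off + length > end or end > len(pe):
            raise ValueError("malformed certificate table")
        blob = pe[off + 8:off + length]
        tail = blob[der_len(blob):]
        if tail.strip(b"\x00"):                        # zero alignment padding is normal
            findings.append((off, tail))
        off += (length + 7) & ~7                       # entries are 8-byte aligned
    return findings

def make_sample(extra: bytes) -> bytes:
    """Constructed test input: bare PE32 headers plus one entry holding a stand-in DER blob."""
    body = b"\x30\x03\x02\x01\x00" + extra             # not a real PKCS#7 signature
    body += b"\x00" * (-(8 + len(body)) % 8)
    hdr = bytearray(0x40 + 24 + 96 + 16 * 8)
    hdr[:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)
    hdr[0x40:0x44] = b"PE\0\0"
    struct.pack_into("<H", hdr, 0x58, 0x10B)
    struct.pack_into("<II", hdr, 0x58 + 96 + 32, len(hdr), 8 + len(body))
    return bytes(hdr) + struct.pack("<IHH", 8 + len(body), 0x0200, 0x0002) + body
```

A hit is a reason to inspect the file further, not proof of tampering, since some legitimate installers store data in this region.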

See also :

https://technet.microsoft.com/en-us/security/bulletin/ms13-098

Solution :

Microsoft has released a set of patches for Windows XP, 2003, Vista,
2008, 7, 2008 R2, 8, 2012, 8.1 and 2012 R2.

Risk factor :

High / CVSS Base Score : 7.6
(CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.6
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 71313

Bugtraq ID: 64079

CVE ID: CVE-2013-3900