MS13-098: Vulnerability in Windows Could Allow Remote Code Execution (2893294)

high Nessus Plugin ID 71313

Synopsis

The remote host is affected by a remote code execution vulnerability.

Description

The remote host contains a version of Microsoft Windows that is affected by a remote code execution vulnerability. The vulnerability exists in the method in which the WinVerifyTrust function deals with Windows Authenticode signature verification for portable executable files. An attacker could modify an existing signed executable to add malicious code without invalidating the signature. An attacker could then convince a user to run this signed executable and gain complete control of the system.

Solution

Microsoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, 2008 R2, 8, 2012, 8.1 and 2012 R2.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2013/ms13-098

Plugin Details

Severity: High

ID: 71313

File Name: smb_nt_ms13-098.nasl

Version: 1.11

Type: local

Agent: windows

Published: 12/11/2013

Updated: 1/18/2022

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: High

Base Score: 7.6

Temporal Score: 6.6

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Temporal Vector: E:H/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/10/2013

Vulnerability Publication Date: 12/10/2013

CISA Known Exploited Dates: 7/10/2022

Reference Information

CVE: CVE-2013-3900

BID: 64079

IAVA: 2013-A-0227

MSKB: 2893294

MSFT: MS13-098