ms13-102

MS13-102 is a security bulletin from Microsoft addressing a vulnerability in the LRPC (Local Remote Procedure Call) client that could allow elevation of privilege. The update, released on December 10, 2013, resolves a privately reported issue where an attacker with valid logon credentials could send a specially crafted LPC port message to any LPC consumer or server. Successful exploitation could enable the attacker to install programs, view or change data, or create new accounts with full administrator rights. The vulnerability requires local access to exploit. This bulletin is part of Microsoft's ongoing efforts to patch critical security flaws in Windows systems.