MS13-048 - Important : Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229)

Discussion in 'Security Alerts' started by News, Jun 19, 2013.

  1. News

    News Extraordinary Robot
    News Feed

    Jun 27, 2006
    Likes Received:
    Severity Rating: Important
    Revision Note: V1.2 (June 18, 2013): Bulletin revised to announce a detection change in the security update for 2839229 to address the known issue documented in Microsoft Knowledge Base Article 2839229. This is a detection change only. Customers who have already successfully updated their systems do not need to take any action.
    Summary: This security update resolves one privately reported vulnerability in Windows Kernel. The vulnerability could allow information disclosure if an attacker logs on to a system and runs a specially crafted application or convinces a local, logged-in user to run a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce information that could be used to try to further compromise an affected system.


Share This Page