Threat Level: green Handler on Duty: Richard Porter

SANS ISC InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft Security Advisory (2914486): Vulnerability in Microsoft Windows Kernel 0 day exploit in wild

Published: 2013-11-28
Last Updated: 2013-11-28 01:05:44 UTC
by Rob VandenBrink (Version: 1)
3 comment(s)

Fireeye posted a story earlier today outlining a zero day affecting XP and Windows 2003:

Microsoft has followed it up with a matching post:
Microsoft Security Advisory (2914486): Vulnerability in Microsoft Windows Kernel Could Allow Elevation of Privilege:

Note that the temporary fix outlined breaks some windows features, specifically some IPSEC VPN functions.

The real story here isn't the zero day or the workaround fix, or even that Adobe is involved.  The real story is that this zero day is just the tip of the iceberg.  Malware authors today are sitting on their XP zero day vulnerabilities and attacks, because they know that after the last set of hotfixes for XP is released in April 2014 (which we're now officially calling "WinMageddon"), that their exploits will work forever against hundreds of thousands (millions?) of XP workstations.   ( )

If you are still running Windows XP, there is no project on your list that is more important than migrating to Windows 7 or 8.  The "never do what you can put off until tomorrow" project management approach on this is on a ticking clock, if you leave it until April comes you'll be migrating during active hostilities.

Rob VandenBrink

3 comment(s)
Diary Archives