MS13-071: Vulnerability in Windows Theme File Could Allow Remote Code Execution (2864063)
9
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
09/10/2013
07/25/2018
09/10/2013
06/26/2020
Description
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user applies a specially crafted Windows theme on their system. In all cases, a user cannot be forced to open the file or apply the theme; for an attack to be successful, a user must be convinced to do so.
Solution(s)
- WINDOWS-HOTFIX-MS13-071-00e1bcaa-5937-42b4-9641-634da41ae9dc
- WINDOWS-HOTFIX-MS13-071-2c300c86-c8ed-4ef0-a117-7e495efe6726
- WINDOWS-HOTFIX-MS13-071-4a89176f-007d-4aa9-a42d-eb4f411d4090
- WINDOWS-HOTFIX-MS13-071-5d6b0f46-bde3-49ac-85b4-8d4f2297927f
- WINDOWS-HOTFIX-MS13-071-644db154-e457-4059-a571-914f2a06ea4e
- WINDOWS-HOTFIX-MS13-071-986547f8-73a3-4480-a6f0-621f223ca41f
- WINDOWS-HOTFIX-MS13-071-c807ef5f-623c-46d3-bf52-60925cdd13ce
- WINDOWS-HOTFIX-MS13-071-ca74a722-3dbd-4a7c-82fc-d8fad6120b0e
- WINDOWS-HOTFIX-MS13-071-ddb7e80f-3f1c-43e3-9b1d-d7ff89f0251a
- WINDOWS-HOTFIX-MS13-071-fc5c5c03-360c-4cc6-a9cd-2b60c262082b
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center