(MS13-052) Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution (2861561)

  Severity: CRITICAL
  CVE Identifier: CVE-2013-3178,CVE-2013-3134,CVE-2013-3132,CVE-2013-3131,CVE-2013-3171,CVE-2013-3129,CVE-2013-3133
  Advisory Date: AUG 23, 2013

  DESCRIPTION

This security update resolves five reported vulnerabilities and two publicly disclosed vulnerabilities in Microsoft .NET Framework and Microsoft Silverlight. The most severe of these vulnerabilities could allow remote code execution if a trusted application uses a particular pattern of code. An attacker who successfully exploits this vulnerability may gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Microsoft .NET Framework 1.0 Service Pack 3
  • Microsoft .NET Framework 1.1 Service Pack 1
  • Microsoft .NET Framework 2.0 Service Pack 2
  • Microsoft .NET Framework 3.0 Service Pack 2
  • Microsoft .NET Framework 3.5 Service Pack 1
  • Microsoft .NET Framework 4
  • Microsoft .NET Framework 4.5
  • Microsoft .NET Framework 3.5.1
  • Microsoft .NET Framework 3.5

Featured Stories