(MS13-048) Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229)

  Severity: LOW
  CVE Identifier: CVE-2013-3136
  Advisory Date: JUN 14, 2013


This security update resolves one reported vulnerability in Windows. The vulnerability could allow information theft if an attacker logs on to a system and runs malware specifically crafted to exploit this vulnerability. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. This could potentially cause security compromise of the system, but only if the attacker already had valid logon credentials beforehand.



  • Windows Server 2003 Service Pack 2
  • Windows Vista Service Pack 2
  • Windows 7 for 32-bit Systems Service Pack 1
  • Windows XP Service Pack 3
  • Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows 8 for 32-bit Systems
  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Featured Stories