CVE-2013-3660 - Microsoft Win32k Privilege Escalation Vulnerability
Project:Microsoft
Product:Win32k
Date Added:2022-03-28Due Date:2022-04-18
Vulnerability Name
Microsoft Win32k Privilege Escalation Vulnerability
Description
The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft does not properly initialize a pointer for the next object in a certain list, which allows local users to gain privileges.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2013-3660