Microsoft out-of-band Security Advisory for Windows Kernel

Microsoft has released an out-of-band bulletin Microsoft Security Advisory (2914486) on Nov 27, 2013 that addresses an Elevation of Privilege vulnerability in Microsoft Kernel component. This vulnerability affects Windows XP and Windows Server 2003. A successful exploit will cause arbitrary code run in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

This vulnerability has been referred by CVE as CVE-2013-5065.

Dell SonicWALL threat team researched this vulnerability the same day and created following GAV signatures to cover the attack.

• GAV: 27311 Inject.DKI (Trojan)
• GAV: 27312 Pidief.SKD (Exploit)

For the Microsoft vulnerabilities covered by SonicWALL, please refer to SonicWALL MAPP for details.