Microsoft out-of-band Security Advisory for Windows Kernel
Microsoft released an out-of-band bulletin, Microsoft Security Advisory (2914486), on Nov 27, 2013, that addresses an Elevation of Privilege vulnerability in the Microsoft Kernel component. This vulnerability affects Windows XP and Windows Server 2003. A successful exploit will cause arbitrary code to run in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.
This vulnerability is referred to by CVE as CVE-2013-5065.
The Dell SonicWALL threat team researched this vulnerability the same day and created the following GAV signatures to cover the attack:
- GAV: 27311 Inject.DKI (Trojan)
- GAV: 27312 Pidief.SKD (Exploit)
For the Microsoft vulnerabilities covered by SonicWALL, please refer to SonicWALL MAPP for details.