Critical Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution


(Microsoft Security Bulletin MS13-002, CVE-2013-0007)

Summary


A remote code execution vulnerability in the XML Core Services in Windows could allow a remote attacker to execute malicious code on a targeted system. The Check Point IPS Software Blade protects systems at the network level against this issue.

Details

The Windows XML Core Services component allows developers who use JScript, Visual Basic Scripting Edition (VBScript), and Microsoft Visual Studio 6.0 to build XML-based applications that interoperate with other applications that adhere to the XML 1.0 standard.

The vulnerability is due to an error in the way XML data is parsed. A remote attacker could take advantage of this by enticing a targeted user to open a specially crafted web page that contains malicious XML. The resulting memory corruption could allow the attacker to take complete control of the user's system and run arbitrary code on it.

Affected Products

  • Windows XP Service Pack 3
  • Windows Server 2003 Service Pack 2
  • Windows Server 2003 x64 Edition Service Pack 2
  • Windows Server 2003 with SP2 for Itanium-based Systems
  • Windows Vista Service Pack 2
  • Windows Vista x64 Edition Service Pack 2
  • Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 for Itanium-based Systems Service Pack 2
  • Windows 7 for 32-bit Systems
  • Windows 7 for 32-bit Systems Service Pack 1
  • Windows 7 for x64-based Systems
  • Windows 7 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for Itanium-based Systems

Solution


Check Point recommends deploying the update described in MS13-002 as soon as is practical. With the latest IPS update, the Check Point IPS Software Blade protects unpatched systems by detecting and blocking attempts to exploit this vulnerability. For more information, see CPAI-2012-1346.

Originally Published:

Last Updated: 09-Jan-2013
