Executive Summary
Summary | |
---|---|
Title | Update for the Windows Operating System Loader |
Informations | |||
---|---|---|---|
Name | KB2506014 | First vendor Publication | 2011-04-12 |
Vendor | Microsoft | Last vendor Modification | 1970-01-01 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : | |||
---|---|---|---|
Cvss Base Score | Not Defined | Attack Range | Not Defined |
Cvss Impact Score | Not Defined | Attack Complexity | Not Defined |
Cvss Expoit Score | Not Defined | Authentication | Not Defined |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft is announcing the availability of an update to winload.exe to address an issue in driver signing enforcement. While this is not an issue that would require a security update, this update addresses a method by which unsigned drivers could be loaded by winload.exe. This technique is often utilized by malware to stay resident on a system after the initial infection. The issue affects, and the update is available for, x64-based editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. For more information about this release, see Microsoft Knowledge Base Article 2506014. For more information about this issue, see the following references: This advisory discusses the following software. What is the scope of the advisory? What causes this issue to occur? What is the Windows OS Loader (winload.exe)? What is driver signing? What is a rootkit? Does this update remove a rootkit from an infected system? How can I determine if my system is infected with a rootkit? How do I uninstall a rootkit? Will this update prevent future infections from occurring? Why is this update only available for x64-based systems? I am a developer who ships signed binaries. Will this update require me to re-sign all of my binaries? How will Microsoft list this update on the Windows Update Web site? Will this update be distributed over Automatic Updates? Is this an update that requires a bulletin? This is a security advisory about a non-security update. Isn't that a contradiction? Review the Microsoft Knowledge Base Articles that are associated with this advisory We encourage customers to install these updates. Customers who are interested in learning more about these updates should review Microsoft Knowledge Base Article 2506014. For more information about the terminology that appears in this advisory, such as "update," see Microsoft Knowledge Base Article 824684. Protect Your Computer We continue to encourage customers to follow our Protect Your Computer guidance of enabling a firewall, getting software updates and installing antivirus software. Customers can learn more about these steps by visiting Protect Your Computer. Keep Windows updated All Windows users should apply the latest Microsoft security updates to help make sure that their computers are as protected as possible. If you are not sure whether your software is up to date, visit Windows Update, scan your computer for available updates, and install any high-priority updates that are offered to you. If you have Automatic Updates enabled, the updates are delivered to you when they are released, but you have to make sure you install them. |
Original Source
Url : http://www.microsoft.com/technet/security/advisory/2506014.mspx |
Alert History
Date | Informations |
---|---|
2014-02-17 11:38:38 |
|