MS13-063: Vulnerabilities in Windows kernel could allow elevation of privilege: August 13, 2013

Applies to: Windows 8Windows 8 EnterpriseWindows 8 Pro More

INTRODUCTION


Microsoft has released security bulletin MS13-063. To view the complete security bulletin, visit one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

More Information


Known issues with this security update



  • While you are installing this security update, or after you install this security update on computer that is running Windows 7 SP1 or Windows Server 2008 R2 SP1, you may experience either of the following issues:

    • You receive a STOP 0x6B error message when you restart a computer after you perform a specific System Restore operation. For example, the issue may occur in the following scenario:
      • You install this security update. During the installation, a restore point is automatically created.
      • You perform a System Restore operation to restore the system to the restore point that was created by this security update.
      • The computer is restarted. Notice that the system is now in an unprotected state because the security update was removed.
      • You try to undo the System Restore operation.
      • The computer is restarted, and then you receive the STOP 0x6B error message.
    To resolve this issue, you can use the Startup Repair recovery tool. For more information, go to the following Microsoft webpage:



    • When the system is restarted to complete the installation, you receive a STOP 0x6B error message. This problem may occur if either of the following registry entries is missing:
      • On x64-based systems
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-ntdll_31bf3856ad364e35_none_13be95395ddc6d7a
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\wow64_microsoft-windows-ntdll_31bf3856ad364e35_none_1e133f8b923d2f75
      • On x86-based systems
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-ntdll_31bf3856ad364e35_none_b79ff9b5a57efc44
      The missing registry entries could be caused by corruption in the registry or elsewhere in the system. Be aware that the corruption would have existed before the security update was installed. The corruption is not caused by the security update.

      Note This security update was replaced by security update 2872339. As a mitigation for this issue, security update 2872339 will not be automatically offered to systems that do not have these registry entries. We are still looking for evidence to determine whether this is a widely applicable issue when the registry entries are missing.

    Note Not all STOP 0x6B errors are caused by the issues that are described in this article.
  • Some users may experience issues that affect certain programs after they install security update 2859537. In some cases, the programs may not start successfully.

    For example:


    • We observed that two Games published by Trion Worlds (Rift and Defiance) did not start on Windows 7, x64-based systems after this update was applied. The game publishers have patched both the games, and the games are now compatible with security update 2859537.
    • We observed that some programs did not start, and the users received an error message that resembles the following:


      The application was unable to start correctly (0xc0000005). Click OK to close the application.
      This problem can occur when the system has an instrumented version of "ntoskrnl.exe" installed. We do not support this scenario.

    The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.

FILE INFORMATION


The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.