MS13-077: Vulnerability in Windows Service Control Manager could allow elevation of privilege: September 10, 2013

INTRODUCTION

Microsoft has released security bulletin MS13-077. To view the complete security bulletin, go to one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country:
International Support

More Information

Known issues with this security update

While you are installing this security update, or after you install this security update on an x64-based version of Windows 7 SP1 or Windows Server 2008 R2 SP1, you may experience either of the following issues:

  • You receive a STOP 0x6B error message when you restart a computer after you perform a specific System Restore operation. For example, the issue might occur in the following scenario:
    • You install this security update. During the installation, a restore point is automatically created.
    • You perform a System Restore operation to restore the system to the restore point that was created by this security update.
    • The computer is restarted. Notice that the system is now in an unprotected state because the security update was removed.
    • You try to undo the System Restore operation.
    • The computer is restarted, and then you receive the STOP 0x6B error message.
    To resolve this issue, you can use the Startup Repair recovery tool. For more information, go to the following Microsoft webpage:
  • When the system is restarted to complete the installation of this security update, you receive a STOP 0x6B error message. This problem may occur if either of the following registry entries is missing:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-ntdll_31bf3856ad364e35_none_13be95395ddc6d7a
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\wow64_microsoft-windows-ntdll_31bf3856ad364e35_none_1e133f8b923d2f75
    The missing registry entries could be caused by corruption in the registry or elsewhere in the system. Be aware that the corruption would have existed before the security update was installed. The corruption is not caused by the security update.



    Note As a mitigation for this issue, this security update will not be automatically offered to systems that do not have these registry entries. We are still looking for evidence to determine whether this is a widely applicable issue when the registry entries are missing.
Note Not all STOP 0x6B errors are caused by the issues that are described in this article.

FILE INFORMATION

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.


Windows 7 and Windows Server 2008 R2 file information
File hash information
Properties

Article ID: 2872339 - Last Review: Sep 30, 2013 - Revision: 1

Feedback