MS13-098: Vulnerability in Windows could allow remote code execution: December 10, 2013

INTRODUCTION

Microsoft has released security bulletin MS13-098. To view the complete security bulletin, go to one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

More Information

Known issues with this security update

  • After you install this security update on a computer that is running Windows Server 2003, the Remote Desktop Services service may not start. This issue occurs if the computer has the EnableCertPaddingCheck registry value enabled.

    To work around this problem, disable the EnableCertPaddingCheck registry value.

    For more information about EnableCertPaddingCheck, see the following Microsoft TechNet topic: Microsoft is researching this problem and will post more information in this article when the information becomes available.
  • After you install this security update on a computer that is running Windows Vista or Windows Server 2008, the computer name might change to "MINWINPC." When this problem occurs, you cannot log on to computer even if you restart the computer. When you try to log on, you may receive an error message that resembles the following: 

    The username or password is incorrect.

    This issue occurs when you install the security update on a system that has partly corrupted data or when the following registry subkey does not exist:
    HKEY_LOCAL_MACHINE\SCHEMA\wcm://Microsoft-Windows-CoreOS?##########
    Note In this subkey, <##########> may be any text.

    If the HKEY_LOCAL_MACHINE\SCHEMA registry subkey does not exist, you can verify the issue by loading the %SystemRoot%\system32\SMI\Store\Machine\SCHEMA.DAT file.

    Important
    This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
    322756 How to back up and restore the registry in Windows


    To resolve this issue, follow these steps:
    1. Start the computer in safe mode.
    2. Click Start, click Run, type regedit in the Open box, and then click OK.
    3. Locate and then click the following subkeys in the registry:
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ComputerName\ActiveComputerName
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName
    4. Change the ActiveComputerName and ComputerName REG_SZ registry entries so that they use the correct computer name.
    5. Exit Registry Editor, and then restart the computer.
    To avoid this issue, run the System Update Readiness Tool before you install the security update. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
    947821 Fix Windows Update corruption errors such as 0x80070002 and 0x80070057

    How to determine whether the problem is resolved

    If the tool fixed this problem, the following entry is added to the %WinDir%\Logs\CBS\CheckSUR.log file:
     
    Recreated missing key: wcm://Microsoft-Windows-CoreOS?...\metadata\elements\ComputerName


    The tool will add the following entries to the CheckSUR.log file whether it actually fixes the problem or not:

     
    Recreated value: @_type.
    Recreated value: @dataOnly.
    Recreated value: @default.
    Recreated value: @description.
    Recreated value: @displayName.
    Recreated value: @handler.
    Recreated value: @legacyName.
    Recreated value: @legacyType.
    Recreated value: @migrate.
    Recreated value: @scope.
    Recreated value: @xsd:type.
  • FILE INFORMATION

    The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.


    Windows XP and Windows Server 2003 file information
    Windows Vista and Windows Server 2008 file information
    Windows 7 and Windows Server 2008 R2 file information
    Windows 8 and Windows Server 2012 file information
    Windows 8.1 and Windows Server 2012 R2 file information
    File hash information
    Properties

    Article ID: 2893294 - Last Review: Apr 17, 2014 - Revision: 1

    Feedback