|FireEye Labs uncovered the zero-day vulnerability in Microsoft's Windows XP and Server 2003, which is being targeted by hackers, experts warn. The bug, called CVE-2013-5065, is being exploited although details of how and where are scant, say analysts. |
The security experts are urging XP users to ditch the old Windows version and upgrade to Windows 7 or higher.
According to the blog: "the vulnerability cannot be used for remote code execution but could allow a standard user account to execute code in the kernel.
"This local privilege escalation vulnerability is used in-the-wild in conjunction with an Adobe Reader exploit that appears to target a patched vulnerability. The exploit targets Adobe Reader 9.5.4, 10.1.6, 11.0.02 and prior on Windows XP SP3."
Others, too, have joined FireEye Lab's call to pack XP in.
SophosLabs expert Paul Ducklin is calling on Microsoft faithful to "get off XP onto any later version of Windows."
Microsoft are ending support for Windows XP is ending on April 8, next year technical assistance for XP will no longer be available.