<< Back
CVE Number Vulnerability Product Severity Date
MS13-079 Vulnerability in Active Directory Could Allow Denial of Service (2853587) Windows Vista Important 11-09-2013

Technical Information

Brief overview of the risk:
This security update resolves a privately reported vulnerability in Active Directory. The vulnerability could allow denial of service if an attacker sends a specially crafted query to the Lightweight Directory Access Protocol (LDAP) service.
Detailed Information on the risk:

A denial of service vulnerability exists in implementations of Active Directory Services and AD LDS that could cause the LDAP directory service to stop responding until an administrator restarts the service. The vulnerability is caused when the LDAP directory service fails to handle a specially crafted query.


Further information on this exploit is available at : MS13-079

Affected Software

Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows 8 for 32-bit Systems
Windows 8 for 64-bit Systems
Windows Server 2012
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012 (Server Core installation)