CVE-2013-3893 entry in Program and Features control panel - What is it?

Discussion in 'General Software and Applications' started by Darren Hodgson, Oct 16, 2013.

  1. Darren Hodgson

    Darren Hodgson Ancient Guru

    Messages:
    14,941
    Likes Received:
    5
    GPU:
    EVGA GTX 1080 Ti SC2
    I was just looking through CCleaner's Uninstall section and I noticed a single entry for CVE-2013-3893 with no publisher or version number. It was installed on 5th October 2013, the same day I updated from Windows 8 Pro to Windows 8.1 Pro.

    What is this?

    Is it a virus (and, if so, then why would it leave an uninstall entry)? If it's a legit Windows application that why does it look so suspicious? I've ran both Windows Defender and Malwarebytes' Anti-Malware and neither report anything out of the ordinary. :3eyes:

    Do I have a virus or not?
     
  2. sverek

    sverek Ancient Guru

    Messages:
    2,944
    Likes Received:
    21
    GPU:
    AMD / NVIDIA
  3. Darren Hodgson

    Darren Hodgson Ancient Guru

    Messages:
    14,941
    Likes Received:
    5
    GPU:
    EVGA GTX 1080 Ti SC2
    I found this: http://www.hawaii.edu/technews/notice.php?id=252743

    I've Googled this but I can find no mention of an entry in Program and Features and I do not have KB2879017 installed either as mentioned in that link. I'm confused as to whether this is an official fix by Microsoft, in which case why does it look so suspicious, or whether it is in fact something malicious, in which case why did it create a control panel entry that makes it so obvious. I guess the good news is that I use Firefox for browsing not IE.

    Should I uninstall it or would that trigger whatever it is?

    HELP!

    Does anyone else have this entry, simply listed as 'CVE-2013-3893' under Programs and Features?
     
    Last edited: Oct 16, 2013
  4. Darren Hodgson

    Darren Hodgson Ancient Guru

    Messages:
    14,941
    Likes Received:
    5
    GPU:
    EVGA GTX 1080 Ti SC2
    It seems this is the Windows Update fix to address CVE-2013-3893: http://www.microsoft.com/en-us/download/details.aspx?id=40716

    I downloaded it but when I ran it I was told that it was already installed. So is that what the CVE-2013-3893 entry refers to, i.e. it is the hotfix because I cannot see it listed under Installed Updates or in the Windows Update history?

    *EDIT*
    It is listed under Windows Update's history and was installed on 9th October 2013 which is after the CVE-2013-3893 entry I have under Program and Features. :3eyes:
     

  5. Darren Hodgson

    Darren Hodgson Ancient Guru

    Messages:
    14,941
    Likes Received:
    5
    GPU:
    EVGA GTX 1080 Ti SC2
    AStaley found out what this was.

    It's apparently an entry created by a Microsoft Fixit, specifically 51001, to address the IE exploit called CVE-2013-3893. Of course, if they'd bothered to make the Programs and Features entry a bit more obvious - "Microsoft Fixit 51001 for CVE-2013-3893', publisher: Microsoft, etc, etc. - then I'd wouldn't have had to waste mine and others' time trying to find out what it was.

    I do not even recall running the Microsoft Fixit to be honest. Anyway, on the off-chance that someone else comes across the same issue I've posted this. To remove this entry, you need only run Microsoft Fixit 51002 as explained here: http://blogs.technet.com/b/srd/archive/2013/09/17/cve-2013-3893-fix-it-workaround-available.aspx
     

Share This Page