← ExploitWatch
HomeExploited Vulnerabilities

CVE-2013-3900 — Actively Exploited: WinVerifyTrust function (Microsoft)

A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files.

CVE IDCVE-2013-3900
VendorMicrosoft
ProductWinVerifyTrust function
Vulnerability nameMicrosoft WinVerifyTrust function Remote Code Execution
Date added2022-01-10
Remediation due2022-07-10
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionA remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →