In our last post, we warned of a new Windows local privilege escalation vulnerability being used in the wild. We noted that the Windows bug (CVE-2013-5065) was exploited in conjunction with a patched Adobe Reader bug (CVE-2013-3346) to evade the Reader sandbox. CVE-2013-3346 was exploited to execute the attacker’s code in the sandbox-restricted Reader process, where CVE-2013-5065 was exploited to
![CVE-2013-3346/5065 Technical Analysis | FireEye Blog](https://cdn-ak-scissors.b.st-hatena.com/image/square/b01a5bc00c8abfbcb927919f31b9164a71aeb3f1/height=288;version=1;width=512/http%3A%2F%2Fwww.fireeye.com%2Fblog%2Fwp-content%2Fuploads%2F2013%2F12%2Fsec1.png)