MS13-098 is Back?

InsightVM is flagging Windows 10 computers as having the CVE-2013-3900: MS13-098 vulnerability even though they have already been fixed. I confirmed this easily by checking my own device and saw that the registry entries matched the MS recommendation. This is suddenly cropping up today.

Anybody else seeing this?

1 Like

Hey @gglenm our Engineering Team are currently aware of this and testing a fix as we speak

Thank you @pmcauley. Any chance we could get a post back here when it’s deployed?

Hi @gglenm happy to report it will be included in today’s content release

1 Like

Hey @pmcauley_pmcauley has this been resolved? I still show this as an issue in my console.

Yes, this was fixed right when you said it would be.

Hi @bcoy yes a fix was pushed out for this, if you are still experiencing issues please make sure you are latest version 6.6.230. If the issue still persists please reach out to our support team and we’ll be able to investigate with you.

Hi,

On our Win 11 i set the key with this powershell skript: MS13-098 anyone? - #13 by jmerchant, but Rapid7 Insight Agent or the backend ist still flagging the system for CVE-2013-3900. Any ideas where the problem is?

Hi @pmcauley_pmcauley, I’m working with a client where MS13-098 is still being reported as a vulnerability on Windows devices. The client is running 6.6.248 console version. Do the reg keys really need to be deployed to all Windows instances regardless of OS type?

Still an issue for me as well.

Security console version - 6.6.260
Agent Version on endpoints - 4.0.9.38
I have 1022 assets and 1013 of them are reporting this vulnerability.