Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities

Last Update Date: 15 Feb 2012 12:05 Release Date: 15 Feb 2012 4325 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

  1. GDI Access Violation Vulnerability

    A remote code execution vulnerability exists in the Windows kernel due to improper validation of input passed from user mode through the kernel component of GDI. The vulnerability could allow an attacker to run code in kernel-mode and then install programs; view, change, or delete data; or create new accounts with full administrative rights.

  2. Keyboard Layout Use After Free Vulnerability

    An elevation of privilege vulnerability exists due to the way that the Windows kernel-mode driver manages specific keyboard layouts. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

Impact

  • Remote Code Execution

System / Technologies affected

  • Windows XP
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Windows Server 2008 R2

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Windows Color Control Panel Insecure Library Loading Vulnerability

15 Feb 2012 4282 Views

Next

Microsoft Internet Explorer Multiple Vulnerabilities

15 Feb 2012 4263 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY