Jump to content
Dragos

Unpatched kernel-level vuln affects all Windows versions

Recommended Posts

  • Moderators
Posted

Researchers have identified a kernel-level vulnerability in Windows that allows attackers to gain escalated privileges and may also allow them to remotely execute malicious code. All versions of the Microsoft OS are affected, including the heavily fortified Windows 7.

The buffer overflow, which was originally reported here, can be exploited to escalate privileges or crash vulnerable machines, IT research company Vupen said. The flaw may also allow attackers to execute arbitrary code with kernel privileges.

The bug resides in the “CreateDIBPalette()” function of a device driver known as “Win32k.sys.” It is exploited by pasting a large number of color values into an improperly allocated buffer, potentially allowing attackers to sneak in malicious payloads, vulnerability tracking service Secunia warned.

It affects fully patched installations of every supported Windows platform, from Windows XP SP 3 to Windows Vista, 7, and Server 2008. The latter three versions contain several defenses designed to lessen the effect of security vulnerabilities. It wouldn't be surprising if code execution attacks were possible only on earlier versions that don't have the defenses, which include DEP, or data execution prevention, and ASLR, short for address space layout randomization.

There are no reports of the vulnerability being exploited in the wild. Microsoft said it is investigating the reports but didn't have additional information. Microsoft is scheduled to issue a record 14 security bulletins during next week's Patch Tuesday.

http://www.theregister.co.uk/2010/08/06/unpatched_windows_kernel_vuln/

Posted

Ce zice cel care a descoperit problema (arkon) pe blogul sau:

"It’s very hard to exploit it for code execution, on the edge of impossible. That’s why I felt safe about releasing it publicly :)

Still curious, if anybody is able to do it."

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...