Microsoft Windows Kernel-Mode Drivers Elevation of Privilege Vulnerabilities

Last Update Date: 13 Dec 2013 Release Date: 11 Dec 2013 3107 Views

RISK: Medium Risk

TYPE: Operating Systems - Windows OS

Win32k Memory Corruption Vulnerability
An elevation of privilege vulnerability exists in the way that the Win32k.sys kernel-mode driver validates address values in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code with elevated privileges.
Win32k Use After Free Vulnerability
An elevation of privilege vulnerability exists in the Microsoft Windows kernel. This vulnerability is caused when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.
TrueType Font Parsing Vulnerability
A denial of service vulnerability exists in the Microsoft Windows kernel. This vulnerability is caused when the Windows kernel improperly processes a specifically crafted TrueType font file. An attacker who successfully exploited this vulnerability could cause the affected system to stop responding and restart.
Port-Class Driver Double Fetch Vulnerability
An elevation of privilege vulnerability exists in the way that the Windows audio port-class driver (portcls.sys) handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code with elevated privileges.
Win32k Integer Overflow Vulnerability
A denial of service vulnerability exists in the way that the Win32k.sys kernel-mode driver handles objects in memory. An attacker who successfully exploited this vulnerability could cause the target system to stop responding.