Microsoft Windows Kernel-Mode Drivers Elevation of Privilege Vulnerabilities

Last Update Date: 13 May 2015 14:37 Release Date: 13 May 2015 3241 Views

RISK: Medium Risk

TYPE: Operating Systems - Windows OS

Multiple Microsoft Windows Kernel Memory Disclosure Vulnerabilities
Information disclosure vulnerabilities exist when the Windows kernel-mode driver leaks private address information during a function call, which could allow the disclosure of kernel memory contents revealing information about the system to an attacker. The information disclosure vulnerabilities by themselves do not allow arbitrary code execution. However, an attacker could use them in conjunction with another vulnerability to bypass security features, such as Address Space Layout Randomization (ASLR). The security update addresses the vulnerabilities by correcting how the kernel-mode driver handles objects in memory.
Win32k Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Win32k.sys kernel-mode driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory.