Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities
RISK: Medium Risk
TYPE: Operating Systems - Windows OS
Win32k Use After Free Vulnerability
An elevation of privilege vulnerability exists due to the way that Windows kernel-mode drivers manage kernel-mode driver objects. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.
Win32k Null Pointer De-reference Vulnerability
An elevation of privilege vulnerability exists due to the way that Windows kernel-mode drivers manage pointers to kernel-mode driver objects. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.
Win32k Incorrect Parameter Allows Information Disclosure Vulnerability
An information disclosure vulnerability exists due to the way that Windows kernel-mode drivers validate function parameters. An attacker who successfully exploited this vulnerability could access data from any kernel-mode memory location, including access to the SAM file.
Impact
- Elevation of Privilege
System / Technologies affected
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
- Windows Server 2008 R2
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Download location for patches:
http://www.microsoft.com/technet/security/bulletin/ms11-054.mspx
Vulnerability Identifier
- CVE-2011-1874
- CVE-2011-1875
- CVE-2011-1876
- CVE-2011-1877
- CVE-2011-1878
- CVE-2011-1879
- CVE-2011-1880
- CVE-2011-1881
- CVE-2011-1882
- CVE-2011-1883
- CVE-2011-1884
- CVE-2011-1885
- CVE-2011-1886
- CVE-2011-1887
- CVE-2011-1888
Source
Related Link
Share with