|
|
>> Microsoft Windows Kernel Privilege Escalation Vulnerabilities (MS08-061)
|
|
Multiple vulnerabilities have been identified in Microsoft Windows, which could be exploited by local attackers to gain elevated privileges.
The first issue is caused by an error in the Windows kernel that improperly processes input passed from a parent to a child window when a new window is created, which could allow malicious users to run arbitrary code in kernel mode.
The second vulnerability is caused by a double free error in the Windows kernel when handling certain system calls from multiple threads, which could allow malicious users to execute arbitrary code with kernel privileges.
The third issue is caused due to the Windows kernel improperly validating input passed from user mode to the Kernel, which could allow malicious users to cause a memory corruption and run arbitrary code in kernel mode.
Credits
Vulnerabilities reported by Paul Caton (iShadow) and Thomas Garnier (SkyRecon).
ChangeLog
2008-10-14 : Initial release
Vulnerability Management
Subscribe to VUPEN Security VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@vupen.com. | |
|
