Microsoft Windows Kernel KMD Security Feature Bypass Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. A security feature bypass vulnerability exists in Microsoft Windows Kernel KMD, which can be exploited by an attacker to elevate privileges...

Privilege escalation

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges or cause a denial of service...

Windows TrackPopupMenu Win32k NULL Pointer Dereference Exploit

This Metasploit module exploits a NULL Pointer Dereference in win32k.sys, the vulnerability can be triggered through the use of TrackPopupMenu. Under special conditions, the NULL pointer dereference can be abused on xxxSendMessageTimeout to achieve arbitrary code execution. This Metasploit module...

Microsoft Windows Kernel Privilege Escalation Vulnerabilities (2930275)

This host is missing an important security update according to Microsoft Bulletin MS14-015 OpenVAS Vulnerability Test $Id: gbms14-015.nasl 6724 2017-07-14 09:57:17Z teissa $ Microsoft Windows Kernel Privilege Escalation Vulnerabilities 2930275 Authors: Antu Sanadi Copyright: Copyright C 2014...

Microsoft January 2014 Patch Tuesday Security Updates

Microsoft is entering softly into 2014 with a minimalist version of Patch Tuesday, which is likely to be a welcome reprieve. Windows shops can expect a busy re-tooling year ahead as Microsoft not only ends support—including security updates—for Windows XP, but also will restrict the use of MD5 in...

MS13-046: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2840221)

The Windows kernel on the remote host has the following vulnerabilities : - A privilege escalation vulnerability exists in the Microsoft DirectX graphics kernel subsystem. CVE-2013-1332 - A privilege escalation vulnerability exists in the Windows kernel-mode driver. CVE-2013-1333, CVE-2013-1334 A...

Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2840221)

This host is missing an important security update according to Microsoft Bulletin MS13-046. OpenVAS Vulnerability Test $Id: secpodms13-046.nasl 5346 2017-02-19 08:43:11Z cfi $ Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities 2840221 Authors: Arun Kallavi Copyright:...

Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2807986)

This host is missing an important security update according to Microsoft Bulletin MS13-027. OpenVAS Vulnerability Test $Id: secpodms13-027.nasl 5339 2017-02-18 16:28:22Z cfi $ Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities 2807986 Authors: Arun Kallavi Copyright:...

MS12-078: Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2783534)

The remote Windows host is affected by the following remote code execution vulnerabilities : - An OpenType Font parsing vulnerability exists due to the way OpenType font files are handled. CVE-2012-2556 - A TrueType Font parsing vulnerability exists due to the way TrueType font files are...

PT-2012-3592 · Microsoft · Windows Kernel-Mode Driver +1

Name of the Vulnerable Software and Affected Versions: Windows kernel-mode driver versions prior to the fixed version Description: The issue is related to the improper handling of user-mode input passed to kernel mode, allowing local users to gain privileges via a crafted application. An elevatio...

CVE-2011-1888

win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CV...

Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2506223)

This host is missing a critical security update according to Microsoft Bulletin MS11-034. OpenVAS Vulnerability Test $Id: secpodms11-034.nasl 8724 2018-02-08 15:02:56Z cfischer $ Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities 2506223 Authors: Veerendra GG Copyright: Copyright c...

Microsoft Windows Kernel-Mode Drivers Win32k Memory Corruption (MS11-012; CVE-2011-0090)

The Windows kernel-mode driver win32k.sys is a kernel-mode device driver and is the kernel part of the Windows subsystem. It contains the window manager and the Graphics Device Interface GDI. It also serves as a wrapper for DirectX support. An elevation of privilege vulnerability has been...

Microsoft Office TIFF Image Converter内存破坏漏洞(MS10-098)

BUGTRAQ ID: 45285 CVE ID: CVE-2010-3950 Microsoft Office是非常流行的办公软件套件。 Microsoft Office处理包含畸形结构数据的TIFF图形文件时存在漏洞，攻击者可利用此漏洞通过诱使用户打开恶意Office文件以当前登录的用户身份执行任意代码或造成拒绝服务。 Microsoft Office XP SP3 Microsoft Works 9.0 厂商补丁： Microsoft --------- Microsoft已经为此发布了一个安全公告（MS10-098）以及相应补丁: MS10-098：Vulnerabilities...

Microsoft Security Bulletin MS10-073 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957)

Microsoft Security Bulletin MS10-073 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege 981957 Published: October 12, 2010 Version: 1.0 General Information Executive Summary This security update resolves several publicly disclosed vulnerabilities in the...

CVE-2010-0485

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properly validate all callback parameters when creating a new window," which allows local users to execu...