MS15-063: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (3063858)

The remote Windows host is affected by a privilege escalation vulnerability due to improper validation of user-supplied input to the Microsoft Windows LoadLibrary. A remote attacker can exploit this vulnerability by convincing a user to place a specially crafted dynamic linked library dll file in...

Microsoft Windows Kernel Mode Driver Information Disclosure Vulnerability (CNVD-2015-03066)

Microsoft Windows is a popular operating system. An unspecified security vulnerability in Microsoft Windows Win32k.sys allows local attackers to exploit the vulnerability to build special applications that run on the system to obtain kernel memory information...

Microsoft Windows Kernel Mode Driver Information Disclosure Vulnerability (CNVD-2015-03070)

Microsoft Windows is a popular operating system. An unspecified security vulnerability in Microsoft Windows Win32k.sys allows local attackers to exploit the vulnerability to build special applications that run on the system to obtain kernel memory information...

Microsoft Windows Kernel Memory Address Checksum Privilege Elevation Vulnerability

Microsoft Windows is a popular operating system. A security vulnerability exists in Microsoft Windows due to a failure of the kernel to properly validate memory addresses, which allows local attackers to exploit the vulnerability to build special applications that bypass KASLR protection and...

Microsoft Windows Kernel Mode Driver Information Disclosure Vulnerability (CNVD-2015-03062)

Microsoft Windows is a popular operating system. An unspecified security vulnerability in Microsoft Windows Win32k.sys allows local attackers to exploit the vulnerability to build special applications that run on the system to obtain kernel memory information...

About 1 5 years 5 months to repair the two 0day-vulnerability warning-the black bar safety net

Ticker 2 0 1 5 year 5 month 1 2 day, Microsoft pushed a 5-month patch day patch includes IE, Windows kernel, Windows kernel driver, Office and other components of the security updates. This month the repair of the two 0day vulnerabilities MS15-0 5 2 are fixed in the Windows kernel security featur...

MS15-052: Vulnerability in Windows Kernel Could Allow Security Feature Bypass (3050514)

The remote Windows host is affected by a security feature bypass vulnerability due to a failure to properly validate memory addresses by the Windows kernel. A remote attacker can exploit this flaw, via a specially crafted application, to bypass the Kernel Address Space Layout Randomization KASLR,...

MS15-052: Vulnerability in Windows kernel could allow security feature bypass: May 12, 2015

Resolves a vulnerability in Windows that could allow security feature bypass if an attacker logs on to an affected system and runs a specially crafted application.SummaryThis security update resolves a vulnerability in Microsoft Windows that could allow security feature bypass if an attacker logs...

Flash, Reader, Firefox and IE All Fall On First Day of Pwn2Own

Four different research teams on Wednesday cracked four products–Adobe Flash, Reader, Mozilla Firefox, and Microsoft Internet Explorer—and collectively earned a payout of $317,000 on the first day of Pwn2Own 2015. The annual hacking contest, which kicked off Wednesday in Vancouver, runs...

Microsoft windows kernel local elevation of privilege vulnerability (CNVD-2015-01619)

Microsoft Windows is a popular operating system. A local elevation of privilege vulnerability exists in Microsoft windows kernel due to the program failing to properly check and execute the emulation level. A local attacker is allowed to exploit the vulnerability to build a malicious application...

Microsoft windows kernel mode driver kernel information disclosure vulnerability (CNVD-2015-01617)

Microsoft Windows is a popular operating system. A security vulnerability exists in the Microsoft windows kernel mode driver due to the program not properly verifying the calling thread token. The vulnerability allows an attacker to obtain administrator authentication credentials, which can be us...

Microsoft windows kernel mode driver null pointer reference vulnerability

Microsoft Windows is a popular operating system. A null pointer reference vulnerability exists in the Microsoft Windows kernel mode driver that can disclose the contents of kernel memory. The vulnerability allows attackers to obtain sensitive information and bypass ASLR protection...

Microsoft windows kernel mode driver kernel information disclosure vulnerability (CNVD-2015-01615)

Microsoft Windows is a popular operating system. The Microsoft Windows kernel mode driver leaks sensitive address information when calling functions, allowing attackers to exploit the vulnerability to obtain sensitive information and bypass ASLR protection...

Microsoft windows kernel local elevation of privilege vulnerability (CNVD-2015-01620)

Microsoft Windows is a popular operating system. Microsoft windows kernel suffers from a local elevation of privilege vulnerability M, due to Windows registry virtualization failing to properly restrict user access to virtual storage modifications. It allows local attackers to exploit the...

MS15-025: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (3038680)

The remote Windows host is affected by multiple privilege escalation vulnerabilities : - An elevation of privilege vulnerability exists due to Windows Registry Virtualization improperly allowing a user to modify the virtual store of another user. A local attacker, with a specially crafted...

Privilege escalation

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges or cause a denial of service...

Microsoft Windows Kernel 'Win32k.sys' local elevation of privilege vulnerability (CNVD-2015-01104)

Microsoft Windows is a popular operating system. A security vulnerability in Microsoft Windows 'Win32k.sys' handling of in-memory objects allows local attackers to exploit the vulnerability to elevate privileges and execute arbitrary code in kernel context...

Microsoft Windows Kernel 'Win32k.sys' local elevation of privilege vulnerability (CNVD-2015-01105)

Microsoft Windows is a popular operating system. A security vulnerability in Microsoft Windows 'Win32k.sys' handling of in-memory objects allows local attackers to exploit the vulnerability to elevate privileges and execute arbitrary code in kernel context...

MS15-010: Vulnerabilities in Windows kernel mode driver could allow remote code execution: February 10, 2015

Resolves vulnerabilities in Microsoft Windows that could allow remote code execution if an attacker convinces a user to open a specially crafted document or visit an untrusted website that contains embedded TrueType fonts.SummaryThis security update resolves one publicly disclosed and five...

VulnCheck KEV: CVE-2013-3894

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted CMAP table in a TrueType font...