PT-2013-3038 · Microsoft · Windows Xp +8

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 versions Gold through SP1 Microsoft...

PT-2013-3024 · Microsoft · Windows Server 2003 +4

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 versions Gold through SP1 Description: A...

MS13-017: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2799494)

The Windows kernel on the remote host has the following vulnerabilities : - Multiple race condition vulnerabilities exists. CVE-2013-1278, CVE-2013-1279 - A reference count vulnerability exists. CVE-2013-1280 A local attacker could exploit any of these vulnerabilities to elevate privileges. C...

Running Desktop Apps on Windows RT, The Hackers Way!

A hacker claims to have found a method in the code integrity mechanism in Windows RT, that allow one to bypass security mechanism preventing unauthorized software running on ARM-powered Windows RT tablets. Lets see, How to Run traditional desktop apps on Windows RT in a Hackers Way! A hacker call...

MS12-078: Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2783534)

The remote Windows host is affected by the following remote code execution vulnerabilities : - An OpenType Font parsing vulnerability exists due to the way OpenType font files are handled. CVE-2012-2556 - A TrueType Font parsing vulnerability exists due to the way TrueType font files are...

HackInTheBox Quartal Magazine - eZine Issue 09

Document Title: =============== HackInTheBox Quartal Magazine - eZine Issue 09 References: =========== Download: http://www.vulnerability-lab.com/resources/documents/780.pdf Original: magazine.hackinthebox.org/issues/HITB-Ezine-Issue-009.pdf Release Date: ============= 2012-11-30 Vulnerability...

Microsoft Update Includes Critical Security Update for IE 9, First Patches for Windows 8, RT

Microsoft released its monthly security updates today and put special urgency on a cumulative security update for Internet Explorer 9. Critical vulnerabilities were found in the way the browser handles objects in memory which could lead to an attacker remotely executing code. Victims would have t...

MS11-080 AfdJoinLeaf Privilege Escalation

This module exploits a flaw in the AfdJoinLeaf function of the afd.sys driver to overwrite data in kernel space. An address within the HalDispatchTable is overwritten and when triggered with a call to NtQueryIntervalProfile will execute shellcode. This module will elevate itself to SYSTEM, then...

Google Releases Chrome 22 and Pays Out Nearly $30K in Rewards

Google has released Chrome 22, a major new version of its browser that includes a huge number of security fixes, many of them high-priority vulnerabilities. The company also handed out nearly $30,000 in rewards to security researchers, more than half of it to Sergey Glazunov, who discovered two...

CORE-2011-1123 - Windows Kernel ReadLayoutFile Heap Overflow

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Windows Kernel ReadLayoutFile Heap Overflow 1. Advisory Information Title: Windows Kernel ReadLayoutFile Heap Overflow Advisory ID: CORE-2011-1123 Advisory URL: http://www.coresecurity.com/content/windows-kernel-readlayoutfile Da...

PT-2012-3631 · Microsoft · Windows Server 2003 +5

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 and SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2, R2, and R2 SP1 Microsoft Windows 7 versions Gold and SP1 Description: The issu...

MS12-042: Vulnerabilities in Windows Kernel could allow elevation of privilege: June 12, 2012

Resolves vulnerabilities in Microsoft Windows that could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that exploits the vulnerability. An attacker must have valid logon credentials and be able to log on locally to exploit this...

CVE-2012-0180

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode input passed to kernel mode for 1 windows and 2...

CORE-2011-1123: Windows Kernel ReadLayoutFile Heap Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Windows Kernel ReadLayoutFile Heap Overflow 1. Advisory Information Title: Windows Kernel ReadLayoutFile Heap Overflow Advisory ID: CORE-2011-1123 Advisory URL:...

PT-2012-3592 · Microsoft · Windows Kernel-Mode Driver +1

Name of the Vulnerable Software and Affected Versions: Windows kernel-mode driver versions prior to the fixed version Description: The issue is related to the improper handling of user-mode input passed to kernel mode, allowing local users to gain privileges via a crafted application. An elevatio...

MS Windows Ancillary Function Driver Privilege Elevation Vulnerabilities (2645640)

This host is missing an important security update according to Microsoft Bulletin MS12-009. OpenVAS Vulnerability Test $Id: secpodms12-009.nasl 5346 2017-02-19 08:43:11Z cfi $ MS Windows Ancillary Function Driver Privilege Elevation Vulnerabilities 2645640 Authors: Antu Sanadi Copyright: Copyrigh...

MS12-001: Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615)

The remote Windows host has a bypass vulnerability in the SafeSEH security feature. This could allow an attacker to use other vulnerabilities to bypass the SafeSEH security feature and run arbitrary code on the remote host. Only software applications compiled using Microsoft Visual C++ .NET 2003...

MS12-001: Vulnerability in Windows Kernel could allow security Feature bypass: January 10, 2012

None None...

MS11-098: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2633171)

The remote host is running a Windows kernel version that is affected by a privilege escalation vulnerability due to the way the kernel accesses an object that has not been correctly initialized. A local attacker could exploit this issue by running a specially crafted program on the remote host. C...

Microsoft Windows Kernel "Win32k.sys"键盘布局本地权限提升漏洞

BUGTRAQ ID: 50763 Microsoft Windows是流行的计算机操作系统。 Win32k.sys在实现上存在索引错误，在加载键盘布局文件时，本地攻击者可通过访问无效内存位置，利用此漏洞以内核权限执行任意代码，完全控制受影响计算机 Microsoft Windows XP Microsoft Windows 7 厂商补丁： Microsoft --------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.microsoft.com/windowsxp/default.asp instruder...