CrySyS Duqu Detector Open source Toolkit Released

CrySyS Duqu Detector Open source Toolkit Released Two weeks ago Researchers at the Laboratory of Cryptography and System Security CrySyS in Hungary confirmed the existence of the zero-day vulnerability in the Windows kernel, according to security researchers tracking the Stuxnet-like...

Microsoft Windows kernel UDP processing integer overflow

Integer overflow leads to code execution via the flow of UDP packets to closed port...

Stars Attack on Iran Was Early Version of Duqu

A few months after the hysteria around Stuxnet had died down, officials in Iran announced in April that some sensitive systems in the government’s networks had been attacked by a new piece of malware, known then as Stars. It now appears that attack was, in fact, the first appearance of an early...

VulnCheck KEV: CVE-2011-3402

Microsoft Windows Kernel contains an unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers that allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page...

Windows Kernel Zero Day Vulnerability Found in Duqu Installer

Windows Kernel Zero Day Vulnerability Found in Duqu Installer Duqu malware attack exploited a zero-day vulnerability in the Windows kernel, according to security researchers tracking the Stuxnet-like cyber-surveillance Trojan. The vulnerability has since been reported to Microsoft and Microsoft i...

Duqu Installer Contains Windows Kernel Zero Day

A newly discovered installer for the Duqu malware includes an exploit for a previously unknown vulnerability in the Windows kernel that allows remote code execution. Microsoft is working on a fix for the kernel vulnerability right now. The exact location and nature of the flaw isn’t clear right...

CVE-2011-1888

win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CV...

PT-2011-3441 · Microsoft · Windows Server 2003 +5

Name of the Vulnerable Software and Affected Versions: Windows XP versions SP2 and SP3 Windows Server 2003 version SP2 Windows Vista versions SP1 and SP2 Windows Server 2008 versions Gold, SP2, R2, and R2 SP1 Windows 7 versions Gold and SP1 Description: The issue allows local users to gain...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1883) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2506223)

This host is missing a critical security update according to Microsoft Bulletin MS11-034. OpenVAS Vulnerability Test $Id: secpodms11-034.nasl 8724 2018-02-08 15:02:56Z cfischer $ Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities 2506223 Authors: Veerendra GG Copyright: Copyright c...

Microsoft Windows Kernel win32k.sys LoadSysMenu Code Execution (MS11-034; CVE-2011-0662)

The Windows kernel is the core of the operating system. It provides system-level services such as device management and memory management, allocates processor time to processes, and manages error handling. An elevation of privilege vulnerability has been reported in the Windows kernel. The...

Microsoft Windows Kernel win32k.sys Execute NULL Code Execution (MS11-034; CVE-2011-1231)

The Windows kernel is the core of the operating system. It provides system-level services such as device management and memory management, allocates processor time to processes, and manages error handling. An elevation of privilege vulnerability has been reported in the Windows kernel. The...

Microsoft Windows Kernel LoadKeyboardLayoutEx Code Execution (MS11-034; CVE-2011-1241)

The Windows kernel is the core of the operating system. It provides system-level services such as device management and memory management, allocates processor time to processes, and manages error handling. An elevation of privilege vulnerability has been reported in the Windows kernel. The...

Microsoft Windows Kernel win32k.sys DragObject Code Execution (MS11-034; CVE-2011-1238)

The Windows kernel is the core of the operating system. It provides system-level services such as device management and memory management, allocates processor time to processes, and manages error handling. An elevation of privilege vulnerability has been reported in the Windows kernel. The...

Microsoft Windows Kernel-Mode Drivers Win32k Memory Corruption (MS11-012; CVE-2011-0090)

The Windows kernel-mode driver win32k.sys is a kernel-mode device driver and is the kernel part of the Windows subsystem. It contains the window manager and the Graphics Device Interface GDI. It also serves as a wrapper for DirectX support. An elevation of privilege vulnerability has been...

Microsoft Windows Kernel Integer Truncation Privilege Escalation (MS11-011; CVE-2011-0045)

The Windows kernel is the core of the operating system. It provides system-level services such as device management and memory management, allocates processor time to processes, and manages error handling. An elevation of privilege vulnerability has been reported due to the way that the Windows...

Microsoft Windows Kernel整数截断本地权限提升漏洞

BUGTRAQ ID: 46136 CVE ID: CVE-2011-0045 Windows是微软发布的非常流行的操作系统。 Windows Kernel在实现上存在本地权限提升漏洞，攻击者可利用此漏洞以内核级别权限执行任意代码，从而完全控制受影响计算机。 此漏洞源于Kernel对跟踪事件的支持。由于畸形转换，Kernel为用户空间中的数据分配使用截断的长度。在填充此缓冲区时，Kernel将使用造成缓冲区溢出的另一个长度。这将造成内存破坏并导致执行任意代码。 Microsoft Windows XP Tablet PC Edition SP3 Microsoft Windows XP...

Microsoft Office TIFF Image Converter内存破坏漏洞(MS10-098)

BUGTRAQ ID: 45285 CVE ID: CVE-2010-3950 Microsoft Office是非常流行的办公软件套件。 Microsoft Office处理包含畸形结构数据的TIFF图形文件时存在漏洞，攻击者可利用此漏洞通过诱使用户打开恶意Office文件以当前登录的用户身份执行任意代码或造成拒绝服务。 Microsoft Office XP SP3 Microsoft Works 9.0 厂商补丁： Microsoft --------- Microsoft已经为此发布了一个安全公告（MS10-098）以及相应补丁: MS10-098：Vulnerabilities...

IOCTL Fuzzer v1.2 Download

"IOCTL Fuzzer is a tool designed to automate the task of searching vulnerabilities in Windows kernel drivers by performing fuzz tests on them. The fuzzer's own driver hooks NtDeviceIoControlFile in order to take control of all IOCTL requests throughout the system. While processing IOCTLs, the...

Exploit Code Out For New Windows Kernel Flaw

Security experts are warning about a newly discovered local privilege escalation bug in the Windows kernel that affects most of the current versions of the operating system, including Vista and Windows 7. The new Windows kernel bug is considered a critical vulnerability, even though it can’t be...