Microsoft Windows Kernel Exception Handler Local Denial Of Service Vulnerability

ID SMNTC-36625
Type symantec
Reporter Symantec Security Response
Modified 2009-10-13T00:00:00



Microsoft Windows is prone to a local denial-of-service vulnerability that affects the Windows kernel. The issue stems from an error in the kernel's exception handler. Attackers may exploit this issue to restart the system, causing a denial-of-service condition.

Technologies Affected

  • Avaya Meeting Exchange - Enterprise Edition
  • Avaya Meeting Exchange 5.0
  • Avaya Meeting Exchange 5.0 SP1
  • Avaya Meeting Exchange 5.0 SP2
  • Avaya Meeting Exchange
  • Avaya Meeting Exchange 5.1
  • Avaya Meeting Exchange 5.1 SP1
  • Avaya Messaging Application Server
  • Avaya Messaging Application Server MM 1.1
  • Avaya Messaging Application Server MM 2.0
  • Avaya Messaging Application Server MM 3.0
  • Avaya Messaging Application Server MM 3.1
  • Microsoft Windows Server 2003 SP2
  • Microsoft Windows Server 2003 Standard Edition SP2


Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
To exploit this vulnerability, an attacker requires local interactive access to an affected computer. Grant local access for trusted and accountable users only.

Microsoft has released an advisory and updates. Please see the references for details.