This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of McAfee Application Control. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing of syscall 768 in the swin.sys kernel driver. A malicious call can write a 0 to an arbitrary address in kernel memory. An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM.