Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Windows AFD vulnerability could allow escalation of privilege


Report ID: MS201110006
Date Published: 12 October 2011

Criticality: Important
Compromise Type: privilege-escalation
Compromise From: local-system


Affected Product/Component:

Windows XP
Windows Server 2003




Summary

A vulnerability in Windows Ancillary Function Driver (AFD) could allow privilege escalation, allowing a local attacker to run arbitrary code in kernel mode and take complete control of the affected system.



Detailed Description

Microsoft has released a security update to fix a vulnerability found in Windows Ancillary Function Driver (AFD), which could allow privilege escalation to an attacker who locally logs on to an affected system. Upon successful exploit, the attacker could execute arbitrary code in kernel mode and take complete control of the system.

This vulnerability was caused by improper input validation when receiving data from user mode. To fix this issue, the way that AFD validates input before passing the input from user-mode to the Windows kernel has been corrected through the update. Users are recommended to install the latest update patch to protect their system from potential exploit.  



CVE Reference

CVE-2011-2005



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms11-080)



Online Virus Scanner

 
Run a quick online virus scan of your computer.