Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Windows kernel vulnerability could allow security bypass


Report ID: MS201201001
Date Published: 11 January 2012

Criticality: Important
Compromise Type: security-bypass
Compromise From: remote


Affected Product/Component:

Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2




Summary

A vulnerability in the Windows kernel could allow an attacker to bypass the SafeSEH security feature and possibly exploit other vulnerabilities. 



Detailed Description

Microsoft has released a security update to address a vulnerability in the Windows kernel, affecting the ntdll.dll component. It resulted when the kernel loads a structured exception handling table during binary execution. Upon successful exploit, an attacker could be able to bypass the SafeSEH security feature in an application and procede to exploit other vulnerabilities that may lead to arbitrary code execution. 

This issue has been addressed in the update, in which the way that Windows kernel loads structured handling tables has been modified. Users are recommended to install the update to protect their system from potential exploit.



CVE Reference

CVE-2012-0001



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-001)




Online Virus Scanner

 
Run a quick online virus scan of your computer.