Windows kernel vulnerability could allow security bypass
Report ID: MS201201001
Date Published: 11 January 2012
Criticality: Important
Compromise Type: security-bypass
Compromise From: remote
Affected Product/Component:
Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2
Summary
A vulnerability in the Windows kernel could allow an attacker to bypass the SafeSEH security feature and possibly exploit other vulnerabilities.
Detailed Description
Microsoft has released a security update to address a vulnerability in the Windows kernel, affecting the ntdll.dll component. It resulted when the kernel loads a structured exception handling table during binary execution. Upon successful exploit, an attacker could be able to bypass the SafeSEH security feature in an application and procede to exploit other vulnerabilities that may lead to arbitrary code execution.
This issue has been addressed in the update, in which the way that Windows kernel loads structured handling tables has been modified. Users are recommended to install the update to protect their system from potential exploit.
CVE Reference
CVE-2012-0001
Solution
Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-001)
