Windows kernel vulnerability could allow security bypass
Report ID: MS201201001
Date Published: 11 January 2012
Compromise Type: security-bypass
Compromise From: remote
Windows Server 2003
Windows Server 2008
Windows Server 2008 R2
A vulnerability in the Windows kernel could allow an attacker to bypass the SafeSEH security feature and possibly exploit other vulnerabilities.
Microsoft has released a security update to address a vulnerability in the Windows kernel, affecting the ntdll.dll component. It resulted when the kernel loads a structured exception handling table during binary execution. Upon successful exploit, an attacker could be able to bypass the SafeSEH security feature in an application and procede to exploit other vulnerabilities that may lead to arbitrary code execution.
This issue has been addressed in the update, in which the way that Windows kernel loads structured handling tables has been modified. Users are recommended to install the update to protect their system from potential exploit.
Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-001)