Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Windows kernel-mode drivers vulnerabilities could allow escalation of privilege


Report ID: MS201207005
Date Published: 16 July 2012

Criticality: Important
Compromise Type: privilege-escalation
Compromise From: local-system


Affected Product/Component:

Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2




Summary

Two reported vulnerabilities in Windows kernel-mode drivers could allow an attacker to execute code with escalated privilege.



Detailed Description

Microsoft has released a security update addressing two vulnerabilities in the Windows kernel-mode driver. One vulnerability was caused by improper handling of keyboard layout files, while the other was caused by improper validation of parameters when creating a hook procedure.

Both vulnerabilities could each lead to an attacker gaining privilege to execute code in kernel-mode. But to exploit these vulnerabilities, the attacker must have valid log-on credentials and be able to log on locally.

The latest security update resolves these issues by correcting the way in handling keyboard layout files and in validating callback parameters when creating a hook procedure. Users are recommended to install the latest update to their system as a protection against potential exploit attempts. 



CVE Reference

CVE-2012-1890, CVE-2012-1893



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-047)




Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.