1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar

Vulnerability protection

Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege

Report ID: MS201403003
Date Published: March 11, 2014

Compromise Type: privilege-escalation
Compromise From: local-system

Affected Product/Component:

Windows 8 and Windows 8.1
Windows 7
Windows Vista
Windows XP
Windows RT 8.1
Windows RT
Windows Server 2012 R2
Windows Server 2012
Windows Server 2008 R2
Windows Server 2008
Windows Server 2003


Multiple vulnerabilities in the Windows kernel-mode driver may, if successfully exploited, lead to an attacker gaining an elevation of privileges.

Detailed Description

Two separate vulnerabilities in the Win32k.sys Windows kernel-mode driver may be exploited to either disclose information from the kernel memory (which may be used to further compromise the system) or to gain an elevation of privileges.

To attack these vulnerabilities, the attacker must be locally logged onto the system with valid logon credentials.

CVE Reference



Install the latest security patch for applicable systems, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms14-015)

Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.