1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

Where You Are

  1. Home
  2. Security
  3. Security Lab
  4. Latest Threats
  5. Vulnerability Descriptions
  6. SA200905998

Microsoft Win32k Multiple Vulnerabilities

Report ID: SA200905998
Source: F-Secure
Date of Discovery: 10.11.2009
Criticality: Critical
Affects:
Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2 and Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2*
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2*
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2

*Server Core installation affected.
Compromise From: From remote
Compromise Type: Remote code execution

Summary

Multiple vulnerabilities have been reported in the kernel of the Windows Vista, Windows XP, Windows 2000 and Windows Server 2003 operating systems. The most severe effect of exploiting these vulnerabilities is that an attacker can perform remote code execution on the affected system.

 

 

Detailed Description

The specific vulnerabilities addressed are:

Win32k NULL Pointer Dereferencing Vulnerability
Win32k Insufficient Data Validation Vulnerability
Win32k EOT Parsing Vulnerability

Exploit of these vulnerabilities typically depends on the user visiting a malicious website specifically designed to exploit these vulnerabilities. The websites would host specially crafted Embedded OpenType (EOT) font for this purpose. The attacker has no way of forcing a user to visit such sites, other than social engineering strategems.

Solution

Apply patches.


Windows Vista for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=fcb87cc8-6fd7-4f16-93d6-552999462fb1

Windows 2000:
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=45db8bb1-c81b-4d3f-a658-74f5fa445f81

Windows Server 2008:
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=b97d48de-0f6d-4bca-b990-acf543fdb8b7

Windows Server 2008 x64 Edition:
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=0e2b8607-10fa-406a-96a5-18290f479c48

Windows Server 2008 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=28eba3f3-99a5-424c-bc8d-a718c716699e

Windows Server 2003 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=b95daac0-4c99-47a4-b0ca-9429997ea3d9

Windows Server 2003:
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=5cd62750-e269-44ae-8c7c-c335e8545b9a

Security Update for Windows Server 2003 x64 Edition
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=04a7f817-f330-4003-8b25-d3e744905b12