



Microsoft Windows Kernel Vulnerabilities

Report ID: SA201006487
Source: F-Secure
Date of Discovery: 10.08.2010
Criticality: Urgent
Affects:
Windows XP
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2

Compromise From: From local system
Compromise Type: DoS
Privilege escalation

Summary

Three vulnerabilities reported in the Microsoft Windows kernel could separately lead to escalation of privilege or a denial of service attack.

Detailed Description

Microsoft has reported three vulnerabilities in the Windows kernel: two are escalation of privilege vulnerabilities and one is a denial of service vulnerability.

The reported vulnerabilities are as follows:

  • Windows Kernel data initialization vulnerability, caused by a race condition when creating specific types of threads, could allow an attacker to run arbitrary code and gain system access.
  • Windows Kernel double free vulnerability, caused by improper object initialization while handling certain errors, could allow an attacker to run arbitrary code and gain system access.
  • Windows Kernel improper validation vulnerability, caused by improper validation of access control lists on kernel objects, could cause the system to stop responding and automatically restart.

Original Reference

CVE Reference

CVE-2010-1888
CVE-2010-1889
CVE-2010-1890