1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content




Microsoft Windows Vista Page Fault Handling Denial of Service

Report ID: SA32115
Source: Secunia
Date of Discovery: 06.10.2008
Criticality: Negligible
Affects:
Microsoft Windows Vista

Compromise From: Local system
Compromise Type: DoS

Summary

A vulnerability has been discovered in Microsoft Windows Vista, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

Detailed Description

A vulnerability has been discovered in Microsoft Windows Vista, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the handling of page faults caused by repeated attempts to access a virtual address from a "PAGE_NOACCESS" memory page and can be exploited to cause a system crash.

The vulnerability is confirmed on a fully patched Microsoft Windows Vista system.

Solution

Restrict local access to trusted users only.