F-Secure
Tools
Microsoft Windows Vista Page Fault Handling Denial of Service
| Report ID: | SA32115 |
| Source: | Secunia |
| Date of Discovery: | 06.10.2008 |
| Criticality: | Negligible |
| Affects: | Microsoft Windows Vista |
| Compromise From: | Local system |
| Compromise Type: | DoS |
Summary
A vulnerability has been discovered in Microsoft Windows Vista, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Detailed Description
A vulnerability has been discovered in Microsoft Windows Vista, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the handling of page faults caused by repeated attempts to access a virtual address from a "PAGE_NOACCESS" memory page and can be exploited to cause a system crash.
The vulnerability is confirmed on a fully patched Microsoft Windows Vista system.
The vulnerability is caused due to an error in the handling of page faults caused by repeated attempts to access a virtual address from a "PAGE_NOACCESS" memory page and can be exploited to cause a system crash.
The vulnerability is confirmed on a fully patched Microsoft Windows Vista system.
Solution
Restrict local access to trusted users only.