Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Microsoft probes new Windows kernel bug

08 Aug 2010   #1
JMH

Win 7 Ultimate 64-bit. SP1.
 
 
Microsoft probes new Windows kernel bug

Quote:

Microsoft on Friday said it is investigating an unpatched vulnerability in Windows after an Israeli researcher revealed a bug in the operating system's kernel driver.

According to Gil Dabah, a researcher from Tel Aviv who goes by the nickname "arkon," the Windows' kernel harbors a heap overflow vulnerability. Dabah also posted a short proof-of-concept to demonstrate the bug on RageStorm.com, a site he and two others run.

"Microsoft is investigating reports of a possible vulnerability in Windows Kernel," said Jerry Bryant on Friday. "Upon completion of the investigation, Microsoft will take appropriate actions to protect customers."

In an alert published Friday, Danish bug tracker Secunia pinpointed the bug in the "Win32k.sys" kernel-mode device driver, the kernel component of the Windows subsystem. Attackers could exploit the flaw using "GetClipboardData," an API (application programming interface) that retrieves data from the Window clipboard.

A successful exploit would allow hackers to execute their attack code in kernel mode, which would then let them infect the PC with malware or pillage any data on the machine.



More -
Microsoft probes new Windows kernel bug - Computerworld


My System SpecsSystem Spec
.

08 Aug 2010   #2

Windows 8.1 Pro w/Media Center 64bit, Windows 7 HP 64bit
 
 

According to http://secunia.com/advisories/40870/ the attack vector requires that the attacker is a local user on the system.

Jim
My System SpecsSystem Spec
09 Aug 2010   #3

Windows 7 x64 / Same
 
 

Quote   Quote: Originally Posted by Phone Man View Post
According to Microsoft Windows win32k.sys Driver "CreateDIBPalette()" Buffer Overflow - Advisories - Community the attack vector requires that the attacker is a local user on the system.

Jim
Couldn't it be exploited remotely?

Edit:

Quote   Quote: Originally Posted by Arkon
Anyway, it’s really funny for me to read that people say it’s exploitable, I am waiting to see an exploit, in the code execution sense. This is not trivial since every fourth byte that is copied is the value 4. And the memory block gets allocated per call, very hard to have any assumptions on it. But who am I to judge if Vupen said it’s exploitable, LOL.
Another thing – no one said how to temporarily avoid this vulnerability from occurring, if you change the clipboard access, or the access to change resolution then you’re good to go.


...


I know, I played with it myself.
It’s very hard to exploit it for code execution, on the edge of impossible. That’s why I felt safe about releasing it publicly
Still curious, if anybody is able to do it.
My System SpecsSystem Spec
.


09 Aug 2010   #4

Windows 8.1 Pro w/Media Center 64bit, Windows 7 HP 64bit
 
 

I am sure Secunia has tested the exploit and that was their findings.

Jim
My System SpecsSystem Spec
Reply

 Microsoft probes new Windows kernel bug




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 09:43 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33