Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: New Windows kernel mode flaw points to future attack vectors

10 Aug 2010   #1

Win 7 Ultimate 64-bit. SP1.
New Windows kernel mode flaw points to future attack vectors


A new Windows flaw that allows all current, supported versions of Windows to be crashed was published on Friday by Israeli researcher Gil Dabah. The bug allows a local user to cause a system to suffer a blue-screen of death crash. In principle, this may also allow attackers to run code of their choosing with kernel privileges, though in practice, the looks as if it would be difficult due to the nature of the flaw.

The bug is in a kernel-mode component called win32k.sys, which handles many key Windows features like window management and 2D graphics. This specific flaw is in the component's handling of the system clipboard; by placing specially malformed data onto the clipboard, the system can be made to corrupt the screen or crash outright. In the early days of Windows, the component in question did not run in kernel mode; it was moved there for Windows NT 4, as doing so made 2D desktop graphics substantially faster.

win32k.sys has remained in kernel mode ever since, and as a result, this flaw affects Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2, for both x86 and x64, both with or without Service Packs.

Microsoft is aware of the flaw but has not announced when a patch might be made available. Due to the nature of the problem, it has been assigned a "Less Critical" rating by security group Secunia. This rating is a result of the lack of remote exploitability and the difficulties in using the flaw to execute an attacker's code.

More -
New Windows kernel mode flaw points to future attack vectors

My System SpecsSystem Spec
11 Aug 2010   #2

Windows 7 x64 / Same

Wonder if we'll see another out of band update. Maybe not unless an exploit or exploits are published.
My System SpecsSystem Spec
11 Aug 2010   #3

Windows 8 Professional x64

is MS planning to release a patch or not?
My System SpecsSystem Spec


 New Windows kernel mode flaw points to future attack vectors

Thread Tools

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 18:20.
Twitter Facebook Google+