New Windows kernel mode flaw points to future attack vectors

JMH

Banned
Local time
9:22 PM
Messages
6,448
A new Windows flaw that allows all current, supported versions of Windows to be crashed was published on Friday by Israeli researcher Gil Dabah. The bug allows a local user to cause a system to suffer a blue-screen of death crash. In principle, this may also allow attackers to run code of their choosing with kernel privileges, though in practice, the looks as if it would be difficult due to the nature of the flaw.

The bug is in a kernel-mode component called win32k.sys, which handles many key Windows features like window management and 2D graphics. This specific flaw is in the component's handling of the system clipboard; by placing specially malformed data onto the clipboard, the system can be made to corrupt the screen or crash outright. In the early days of Windows, the component in question did not run in kernel mode; it was moved there for Windows NT 4, as doing so made 2D desktop graphics substantially faster.

win32k.sys has remained in kernel mode ever since, and as a result, this flaw affects Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2, for both x86 and x64, both with or without Service Packs.

Microsoft is aware of the flaw but has not announced when a patch might be made available. Due to the nature of the problem, it has been assigned a "Less Critical" rating by security group Secunia. This rating is a result of the lack of remote exploitability and the difficulties in using the flaw to execute an attacker's code.
More -
New Windows kernel mode flaw points to future attack vectors
 

My Computer My Computer

At a glance

Win 7 Ultimate 64-bit. SP1.Intel i7 -720QM.[1.6GHz Turbo Boost 2.8GHz. 6...8 DDR 3 RAM. 1066MHZATI 1024 MB. DDR3. Radeon HD5650
Computer Manufacturer/Model Number
LAPTOP. HP Pavilion dv7-4010TX .
OS
Win 7 Ultimate 64-bit. SP1.
CPU
Intel i7 -720QM.[1.6GHz Turbo Boost 2.8GHz. 6MB Cache.]
Memory
8 DDR 3 RAM. 1066MHZ
Graphics Card(s)
ATI 1024 MB. DDR3. Radeon HD5650
Monitor(s) Displays
17.3" High Definition Brightview LCD. LED Backlit.
Screen Resolution
1600 x 900.
Hard Drives
640GB
Case
Laptop / notebook.
Mouse
Logitech Anywhere mouse. MX.
Internet Speed
ADSL [ but too slow ]
Wonder if we'll see another out of band update. Maybe not unless an exploit or exploits are published.
 

My Computer My Computer

At a glance

Windows 7 x64 / SameIntel Core 2 Duo T7250 / Intel Core i7 9304GB / 6GBNVIDIA GeForce 8400M GS / ASUS 1GB
Computer Manufacturer/Model Number
Dell Inspiron 1520 (Laptop)/ Home (Desktop)
OS
Windows 7 x64 / Same
CPU
Intel Core 2 Duo T7250 / Intel Core i7 930
Motherboard
Intel 945 / Asus P6X58D-E
Memory
4GB / 6GB
Graphics Card(s)
NVIDIA GeForce 8400M GS / ASUS 1GB
Sound Card
Whatever Dell gave me :-( / Onboard
Monitor(s) Displays
15.4" LCD / Crappy CRT
Hard Drives
Seagate 500GB SATA; 7200 RPM / Seagate 1TB SATA; 7200 RPM
PSU
N/A / OCZ Fatal1ty 550W Modular
Case
N/A / Antec 900
Cooling
Air
Mouse
Microsoft Presenter (Bluetooth)
is MS planning to release a patch or not?
 

My Computer My Computer

At a glance

Windows 8 Professional x64core 2 duo T55504 GBGMA X3100
Computer Manufacturer/Model Number
aspire 5920
OS
Windows 8 Professional x64
CPU
core 2 duo T5550
Memory
4 GB
Graphics Card(s)
GMA X3100
Hard Drives
160 GB + 320 GB
Internet Speed
2 mbps
Back
Top