Content
(MS08-025) Microsoft Windows Kernel Vulnerability (941693)
- Type
- Buffer Overflow
- Impact of exploitation
- Privilege Escalation
- User Interaction
- no user interaction is needed
- Attack Vector
- Authenticated locally logged on user with limited privileges
- Rating
- Medium
- CVE reference
- CVE-2008-1084,
- Vendor Status
- Responded and patched
- Vulnerable systems
- Windows 2000 Sp4,
- Windows Xp Sp2,
- Windows 2003 Sp2,
- Windows Vista SP0,
- Windows Server 2008 RTM,
- Summary
- A vulnerability in Microsoft Windows may allow for local privilege-escalation attacks.
Tab Navigation
Description
The Windows kernel is the core of the Windows operating system. A vulnerability in Microsoft Windows may allow for local privilege-escalation attacks. The vulnerability is due to improper processing of input supplied in usermode. A local attacker could run arbitrary code by exploiting the vulnerability.
McAfee Product Mitigation & Recommendations
Recommendations
Download and install the patch available from Microsoft (941693): http://www.microsoft.com/technet/security/Bulletin/MS08-025.mspx
McAfee Product Mitigation
McAfee Foundstone
This Foundstone vulnerability check can be used to assess if your systems are vulnerable and is expected to accurately identify if a system is vulnerable in many enterprise environments.
- Signature:
- (MS08-025) Microsoft Windows Kernel Vulnerability (941693)
- Signature identifier:
- 5805
- Release date:
- 4/8/2008
Additional Resources
Microsoft Security Bulletin: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)
http://www.microsoft.com/technet/security/bulletin/MS08-025.mspx
MS08-025: Win32k vulnerabilities
http://blogs.technet.com/swi/archive/2008/04/09/ms08-025-win32k-vulnerabilities.aspx
All Information
Timeline -
4/28/2008
A proof-of-concept exploit has become public.
4/9/2008
Vendor has provided information on the vulnerability.
4/8/2008
Vendor has provided a patch.
Description -
The Windows kernel is the core of the Windows operating system. A vulnerability in Microsoft Windows may allow for local privilege-escalation attacks. The vulnerability is due to improper processing of input supplied in usermode. A local attacker could run arbitrary code by exploiting the vulnerability.
McAfee Product Mitigation & Recommendations
Recommendations -
Download and install the patch available from Microsoft (941693): http://www.microsoft.com/technet/security/Bulletin/MS08-025.mspx
McAfee Product Mitigation
McAfee Foundstone
This Foundstone vulnerability check can be used to assess if your systems are vulnerable and is expected to accurately identify if a system is vulnerable in many enterprise environments.
- Signature:
- (MS08-025) Microsoft Windows Kernel Vulnerability (941693)
- Signature identifier:
- 5805
- Release date:
- 4/8/2008
Additional Resources
Additional Resources -
Microsoft Security Bulletin: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)
http://www.microsoft.com/technet/security/bulletin/MS08-025.mspx
MS08-025: Win32k vulnerabilities
http://blogs.technet.com/swi/archive/2008/04/09/ms08-025-win32k-vulnerabilities.aspx
