Content
(MS09-058) Windows Kernel Exception Handler Vulnerability (971486)
- Type
- Logic error
- Impact of exploitation
- Denial of Service
- User Interaction
- user interaction is needed
- Attack Vector
- Authenticated locally logged on user with limited privileges
- Rating
- Low
- CVE reference
- CVE-2009-2517,
- Vendor Status
- Responded and patched
- Vulnerable systems
- Windows 2003 SP2,
- Summary
- A vulnerability in the Windows Kernel may allow for local denial-of-service attacks.
Tab Navigation
Description
A vulnerability in the Windows Kernel may allow for local denial-of-service attacks. The vulnerability exists due the way the kernel handles certain exceptions. An attacker could exploit the vulnerability by running a specially crafted application causing the system to restart.
McAfee Product Mitigation & Recommendations
Recommendations
The vendor has released a patch to address this issue: http://www.microsoft.com/technet/security/bulletin/ms09-058.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS09-058) Windows Kernel Exception Handler Vulnerability (971486)
- Signature identifier:
- 7202
- Release date:
- 10/13/2009
McAfee Intrushield
McAfee Host IPS
- Signature:
- (MS09-058) Windows Kernel Exception Handler Vulnerability (971486)
- Signature identifier:
- 7202
- Release date:
- 10/14/2009
McAfee VirusScan Enterprise 8.0i (VSE8.0i) / Managed Virus Scan (MVS) Buffer Overflow Protection
McAfee VirusScan Enterprise 8.5i (VSE8.5i) /Total Protection for Small Business (ToPS SB) Buffer Overflow Protection
The V-Flash of October 14th will contain remedies for this issue.
- Signature:
- Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486)
- Signature identifier:
- 98972
- Release date:
- 10/14/2009
Additional Resources
(MS09-058) Windows Kernel Exception Handler Vulnerability (971486)
http://www.microsoft.com/technet/security/bulletin/ms09-058.mspx
All Information
Timeline -
10/13/2009
Vendor has provided a patch.
Description -
A vulnerability in the Windows Kernel may allow for local denial-of-service attacks. The vulnerability exists due the way the kernel handles certain exceptions. An attacker could exploit the vulnerability by running a specially crafted application causing the system to restart.
McAfee Product Mitigation & Recommendations
Recommendations -
The vendor has released a patch to address this issue: http://www.microsoft.com/technet/security/bulletin/ms09-058.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS09-058) Windows Kernel Exception Handler Vulnerability (971486)
- Signature identifier:
- 7202
- Release date:
- 10/13/2009
McAfee Intrushield
McAfee Host IPS
- Signature:
- (MS09-058) Windows Kernel Exception Handler Vulnerability (971486)
- Signature identifier:
- 7202
- Release date:
- 10/14/2009
McAfee VirusScan Enterprise 8.0i (VSE8.0i) / Managed Virus Scan (MVS) Buffer Overflow Protection
McAfee VirusScan Enterprise 8.5i (VSE8.5i) /Total Protection for Small Business (ToPS SB) Buffer Overflow Protection
The V-Flash of October 14th will contain remedies for this issue.
- Signature:
- Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486)
- Signature identifier:
- 98972
- Release date:
- 10/14/2009
Additional Resources
Additional Resources -
(MS09-058) Windows Kernel Exception Handler Vulnerability (971486)
http://www.microsoft.com/technet/security/bulletin/ms09-058.mspx
