(MS09-065) Win32k NULL Pointer Dereferencing Vulnerability (969947)

Type: Logic error
Impact of exploitation: Privilege Escalation
User Interaction: No user interaction is needed
Attack Vector: Authenticated locally logged on user with limited privileges
Rating: Medium
CVE reference: CVE-2009-1127
Vendor Status: Responded and patched

Vulnerable systems:
Windows 2000 SP4
Windows XP SP3
Windows XP SP2
Windows XP X64 Professional
Windows Server 2003 SP2
Windows Server 2003 SP2 X64
Windows Server 2003 SP2 Itanium
Windows Vista SP1
Windows Vista X64 SP1
Windows Server 2008

Summary
A privilege escalation vulnerability exists in the Windows kernel.

Description

The vulnerability exists because the Windows kernel doesn't properly validate an argument passed to a Windows kernel system call. Successful exploitation of the vulnerability could allow an attacker to run arbitrary code in kernel mode. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

McAfee Product Mitigation & Recommendations

Recommendations

The vendor has released patches to address this issue: http://www.microsoft.com/technet/security/bulletin/ms09-065.mspx

McAfee Product Mitigation

McAfee Foundstone
Signature: (MS09-065) Win32k NULL Pointer Dereferencing Vulnerability (969947)
Signature identifier: 7316
Release date: 11/10/2009

Additional Resources

(MS09-065) Win32k NULL Pointer Dereferencing Vulnerability (969947)

http://www.microsoft.com/technet/security/bulletin/ms09-065.mspx

Timeline

11/10/2009: Vendor has provided a patch.
