‫ Microsoft Windows Kernel Two Vulnerabilities

ID: IRCAD2014103570
Release Date: 2014-10-15
Criticality level: Highly critical
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows RT
Microsoft Windows RT 8.1
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows Storage Server 2003
Microsoft Windows Vista
Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user's system.
1) An error in win32k.sys when handling certain objects can be exploited to execute arbitrary code with kernel privileges.
2) An error when parsing TrueType fonts can be exploited to execute arbitrary code with kernel privileges via a specially crafted TrueType font embedded within a web page.
Note: Reportedly, these vulnerabilities are currently being exploited in limited, targeted attacks.
Apply update.
Windows Server 2003
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2
Windows 8 and Windows 8.1
Windows Server 2012 and Windows Server 2012 R2
Server Core installation option
MS14-058 (KB3000061):


بدون نظر
شما برای نظر دادن باید وارد شوید


تاریخ ایجاد: 27 مهر 1393


امتیاز شما
تعداد امتیازها:0