Microsoft Windows Win32k Kernel-Mode Driver Privilege Escalation
SECUNIA ADVISORY ID: SA37309
VERIFY ADVISORY: http://secunia.com/advisories/37309/
DESCRIPTION: Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.
1) An input validation error in the Win32k kernel-mode driver (Win32k.sys) when invoking a system call can be exploited to execute arbitrary code in kernel mode.
2) An error in the Win32k kernel-mode driver (Win32k.sys) when handling input passed through the kernel component of GDI (Graphics Device Interface) can be exploited to execute arbitrary code in kernel mode.
SOLUTION: Apply patches.
Windows Vista (optionally with SP1 / SP2): http://www.microsoft.com/downloads/details.aspx?familyid=54562103-1d99-42d7-8f7f-c0cbcdce90db
Windows Vista x64 Edition (optionally with SP1 / SP2): http://www.microsoft.com/downloads/details.aspx?familyid=fcb87cc8-6fd7-4f16-93d6-552999462fb1
Windows Server 2008 for 32-bit Systems (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=b97d48de-0f6d-4bca-b990-acf543fdb8b7
Windows Server 2008 for x64-based Systems (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=0e2b8607-10fa-406a-96a5-18290f479c48
Windows Server 2008 for Itanium-based Systems (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=28eba3f3-99a5-424c-bc8d-a718c716699e
PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Agin Sun.
ORIGINAL ADVISORY: MS09-065 (KB969947): http://www.microsoft.com/technet/security/Bulletin/MS09-065.mspx
———————————————————————-