The Latest in IT Security

Microsoft Windows win32k.sys Memory Corruption Vulnerability

21
Dec
2011

A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to potentially compromise a user’s system.

The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory via e.g. a specially crafted web page containing an IFRAME with an overly large “height” attribute viewed using the Apple Safari browser and causes a BSoD.

Successful exploitation may allow execution of arbitrary code with kernel-mode privileges.

The vulnerability is confirmed on a fully patched Windows 7 Professional 64-bit. Other versions may also be affected.

Leave a reply


Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments