Security Research & Defense
Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, security research, tools and guidance
Tagged Content List: win32k.sys
Blog Post: MS11-034: Addressing vulnerabilities in the win32k subsystem
swiat on 12 Apr 2011
Today we released security bulletin MS11-034 to address vulnerabilities in the win32k subsystem. This update addresses externally reported issues as well as several internally found vulnerabilities that were discovered as part of our variant investigation. The bulletin may appear to address an alarmingly...
Blog Post: MS10-048 an explanation of the Defense in Depth fixes
swiat on 10 Aug 2010
Today we released several fixes on MS10-048 affecting the win32k.sys kernel component. The most severe vulnerability allows a local user to perform an authenticated elevation of privileges, with no possible remote vector. This update also includes several “Defense in Depth” measures...
Blog Post: Assessing the risk of the June Security Bulletins
swiat on 8 Jun 2010
Today we released ten security bulletins. Three have a maximum severity rating of Critical and seven have a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most...
Blog Post: MS10-032: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege
swiat on 8 Jun 2010
Today we released a security update rated Important for CVE-2010-1255 in MS10-032. This vulnerability affects the win32k.sys driver. This blog post provides more information about this vulnerability that can help with prioritizing the deployment of updates this month. What’s the...
Blog Post: Latest Baidu public posting requires Administrator to elevate
swiat on 11 Jun 2009
Last night we noticed a Windows XP kernel 0day claim in win32k!NtUserConsoleControl posted on baidu.com. We took a quick look and found that the issue requires administrator privileges to execute. We are still investigating, looking for any chance of privilege escalation but so far it looks like a...
Blog Post: MS08-061 : The case of the kernel mode double-fetch
swiat on 14 Oct 2008
MS08-061 addresses several vulnerabilities in win32k.sys where you can execute arbitrary code in kernel mode. These bugs can only be exploited locally and there is no remote vector based on our investigation of the vulnerability. One of these vulnerabilities involves multiple kernel mode accesses...
Blog Post: MS08-025: Win32k vulnerabilities
swiat on 9 Apr 2008
MS08-025 addresses several vulnerabilities in win32k.sys where you can execute arbitrary code in kernel mode. These bugs can only be exploited locally and there is no remote vector we are aware of. One of these vulnerabilities deals with how we can bypass some of the ProbeForWrite and ProbeForRead checks...