Security Research & Defense

Thursday, June 11, 2009 1:17 PM

Latest Baidu public posting requires Adminisrator to elevate

Last night we noticed a Windows XP kernel 0day claim in win32k!NtUserConsoleControl posted on baidu.com. We took a quick look and found that the issue requires administrator privileges to execute. We are still investigating, looking for any chance of

Posted by swiblog | (Comments Off)

Filed under: win32k.sys, Exploitability, Risk Asessment

Tuesday, October 14, 2008 10:11 AM

MS08-061 : The case of the kernel mode double-fetch

MS08-061 addresses several vulnerabilities in win32k.sys where you can execute arbitrary code in kernel mode. These bugs can only be exploited locally and there is no remote vector based on our investigation of the vulnerability. One of these vulnerabilities

Posted by swiblog | (Comments Off)

Filed under: ProbeForRead, kernel, win32k.sys, double fetch

Wednesday, April 09, 2008 9:02 AM

MS08-025: Win32k vulnerabilities

MS08-025 addresses several vulnerabilities in win32k.sys where you can execute arbitrary code in kernel mode. These bugs can only be exploited locally and there is no remote vector we are aware of. One of these vulnerabilities deals on how we can bypass

Posted by swiblog | (Comments Off)

Filed under: ProbeForRead, ProbeForWrite, kernel, win32k.sys

Security Research & Defense

This Blog

Syndication

Search

News

Blogroll

Report a Vulnerability to Microsoft

Tags

Recent Posts

Archives

Browse by Tags

Latest Baidu public posting requires Adminisrator to elevate

MS08-061 : The case of the kernel mode double-fetch

MS08-025: Win32k vulnerabilities