Poor Microsoft. 2010 just has not started off looking good. Microsoft is investigating a "new" report of a vulnerability in Windows that can be exploited to gain elevated privileges. Microsoft confirmed that the bug, a privilege escalation issue in the operating system's kernel, is being analyzed. Danish security firm
Secunia published an advisory on the bug Aug. 6, identifying the issue as a boundary error in Win32k.sys that can be exploited via the "
GetClipboardData()" API to cause a buffer overflow. If successful, attackers will be able to execute code with kernel privileges, according to Secunia, which warned organizations to only grant "access to trusted users." Microsoft is of course investigating reports of a possible vulnerability in Windows Kernel," said Jerry Bryant, at MRC. The bug has been confirmed to work on most editions of the operating system, including Windows 7, Windows XP SP3 (Service Pack 3) and Windows Server 2008 SP2. The danger comes from the fact that this vulnerability affects "all" Windows versions including Windows 7, However, exploitation is not trivial due to the nature of the flaw and due to a hardcoded value of 4 being written into the buffer every fourth byte of the source data to be copied.
VUPEN and Secunia rated the vulnerability as a "moderate risk" and "less critical," respectively. The bug was first reported by a researcher going by the name "Arkon," who has posted a proof-of-concept exploit on the Web.
As a side note, microsoft also stated that they have
no plans to pay researcher-per-bug rewards as Mozilla and Google do, though the company has spent a lot of time in the past several weeks dealing with issues around bug disclosure. As part of its monthly Patch Tuesday update, Microsoft plans to release a total of
14 security bulletins tomorrow, the most on record for the company ever .
No comments:
Post a Comment