The host is installed with Microsoft Windows operating system and is prone to pivilege escalation vulnerability. This NVT has been replaced by NVT secpod_ms11-087.nasl (OID:1.3.6.1.4.1.25623.1.0.902767).

Successful exploitation could allow attackers to execute arbitrary code with kernel-level privileges. Failed exploit attempts may result in a denial-of-service condition. Impact Level: System

Apply the workaround from below link, http://support.microsoft.com/kb/2639658

The flaw is due to due to an error within the Win32k kernel-mode driver when parsing TrueType fonts.

Microsoft Windows 7 Service Pack 1 and prior Microsoft Windows XP Service Pack 3 and prior Microsoft Windows Vista Service Pack 2 and prior Microsoft Windows Server 2008 Service Pack 2 and prior Microsoft Windows server 2003 Service Pack 2 and prior

• http://secunia.com/advisories/46724/
• http://support.microsoft.com/kb/2639658
• http://technet.microsoft.com/en-us/security/advisory/2639658

---

Updated on 2015-03-25