Windows Kernel-Mode Drivers Remote Code Execution Vulnerability (2617657) Network Vulnerability

Summary

This host has moderate security update missing according to Microsoft Bulletin MS11-084.

Impact

Successful exploitation could allow local attackers to gain elevated privileges or to run arbitrary code in kernel mode and take complete control of an affected system. An attacker could then install programs view, change, or delete data or create new accounts with full administrative rights. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms11-084

Insight

The flaw is due to an array-indexing error in 'Win32k.sys' when parsing TrueType font files, which can be exploited by attackers to cause a denial of service.

Affected

Microsoft Windows 7 Service Pack 1 and prior

References

http://secunia.com/advisories/46751
http://support.microsoft.com/kb/2617657
http://technet.microsoft.com/en-us/security/bulletin/ms11-084

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-2004
CVSS Base Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Consent User Interface Privilege Escalation Vulnerability (2442962)
Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (2879017)
Microsoft Internet Explorer mshtml.dll Remote Memory Corruption Vulnerability (942615)
Microsoft Internet Explorer Memory Corruption Vulnerability (2755801)
Microsoft IE Developer Tools WMITools and Windows Messenger ActiveX Control Vulnerability (2508272)

Take action and discover your vulnerabilities