Blog
Anand Yadav

Microsoft Windows win32k.sys Memory Corruption Vulnerability

December 21, 2011
0
Estimated reading time: 1 minute

A vulnerability has been discovered in Microsoft Windows which can be exploited by malicious parties to potentially compromise a user’s system.

The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory via a specially crafted web page containing an IFRAME with an overly large “height” attribute. This is viewed using the Apple Safari browser and can cause a BSoD.

Successful exploitation may allow execution of arbitrary code with kernel-mode privileges.

The vulnerability is confirmed on a fully patched Windows 7 Professional 64-bit. Other versions may also be affected.

Have something to add to this story? Share it in the comments.

No Comments, Be The First!

Your email address will not be published.

CAPTCHA Image