Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

SkyRecon Identifies Two Kernel-Level Windows Vulnerabilities

October 2008 by SkyRecon

SkyRecon Systems announced that its research team has uncovered two kernel-level vulnerabilities – CVE-2008-2252 and CVE-2008-3464 – both located in multiple versions of the Microsoft® Windows® operating system.

The Microsoft Windows kernel is the virtual interface between the hardware and the operating system, providing administrative control over multiple subsystems, processes, and memory. Some of the subsystems are designed run within the kernel space, providing direct access to the other kernel-level services directly through the operating system layer. Compromise of the kernel via one of the kernel-level subsystems could expose the system to further compromise, such as a root-kit injection that could lead to hi-jacking and remote control of the endpoint.

These are two important vulnerabilities that our research team has identified and that are being patched this month” said Thomas Garnier, Senior Research Engineer at SkyRecon Systems. “During our ongoing security research of the Windows kernel environment and our passionate desire to protect the Windows business environment, we found these two important vulnerabilities which could be used to increase privileges for the compromised subsystem, effectively granting local access to every component of the system – both hardware and software.

Both vulnerabilities – CVE-2008-2252 and CVE-2008-3464 – affect the kernel in the following 32-bit, 64-bit, and Itanium versions of the Windows operating systems: Windows XP Professional, Windows 2000 Server, and Windows 2003 Server. Vulnerability CVE-2008-2252 affects Windows Vista as well. CVE-2008-2252 is located in the graphical kernel interface while CVE-2008-3464 is located in the network kernel interface subsystem areas. If exploited, either vulnerability could allow for a local escalation of privilege, and ultimately, system compromise.


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts