kernel bug not patched for over 2 years (but fixed in Vista and 2003)

or maybe designed differently in these newer versions?

title:
microsoft windows kernel gdi local privilege escalation

description:
a vulnerability in the handling of gdi kernel structures of microsoft windows leads to an exploitable memory corruption condition, causing a denial of service (so-called bsod) or arbitrary code execution on successful exploitation. this would allow a local user to escalate privileges, gaining full control of the system.

as part of the month of kernel bugs, mokb:
http://projects.info-pull.com/mokb/mokb-06-11-2006.html

and our mirror to their main page:
http://www.securiteam.com/mokb/

gadi evron,
ge@beyondsecurity.com.

Share