The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Windows: three kernel vulnerabilities

Synthesis of the vulnerability 

Three vulnerabilities of the Windows kernel can be used by an attacker to execute code.
Impacted systems: Windows 2000, Windows 2003, Windows 2008 R0, Windows Vista, Windows XP.
Severity of this alert: 4/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 11/03/2009.
Références of this alert: 958690, BID-34012, BID-34025, BID-34027, CERTA-2009-AVI-091, CVE-2009-0081, CVE-2009-0082, CVE-2009-0083, MS09-006, VIGILANCE-VUL-8525.

Description of the vulnerability 

Three vulnerabilities of the Windows kernel can be used by an attacker to execute code.

The GDI interface (Graphics Device Interface) is used by applications to display text or graphic data. A malicious WMF or EMF image corrupts the memory via the GDI, which leads to code execution. If the malicious image is located in a web document, the code is executed with privileges of the victim displaying this document. [severity:4/4; BID-34012, CERTA-2009-AVI-091, CVE-2009-0081]

When a process opens a system resource, an handle is associated. A local attacker can use a malicious handle to elevate his privileges. He obtains the SYSTEM privilege. [severity:2/4; BID-34027, CVE-2009-0082]

A local attacker can use a malicious pointer in order to obtain the SYSTEM privilege. [severity:2/4; BID-34025, CVE-2009-0083]
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This computer weakness note impacts software or systems such as Windows 2000, Windows 2003, Windows 2008 R0, Windows Vista, Windows XP.

Our Vigil@nce team determined that the severity of this security bulletin is critical.

The trust level is of type confirmed by the editor, with an origin of document.

This bulletin is about 3 vulnerabilities.

An attacker with a expert ability can exploit this weakness announce.

Solutions for this threat 

Windows: patch for the kernel.
A patch is available in information sources.
Workarounds are also proposed.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a software vulnerabilities bulletin. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.