MS11-034: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2506223)
High Nessus Plugin ID 53391
SynopsisThe remote Windows kernel is affected by multiple vulnerabilities.
DescriptionThe remote host is running a version of the Windows kernel that is affected by the following types of vulnerabilities :
- Several use-after-free vulnerabilities exist due to the way that Windows kernel-mode drivers manage kernel-mode driver objects. (CVE-2011-0662, CVE-2011-0665, CVE-2011-0666, CVE-2011-0667, CVE-2011-0670, CVE-2011-0671, CVE-2011-0672, CVE-2011-0674, CVE-2011-0675, CVE-2011-1234, CVE-2011-1235, CVE-2011-1236, CVE-2011-1237, CVE-2011-1238, CVE-2011-1239, CVE-2011-1240, CVE-2011-1241, CVE-2011-1242)
- Several NULL pointer de-reference vulnerabilities exist due to the way that Windows kernel-mode drivers manage pointers to kernel-mode driver objects. (CVE-2011-0673, CVE-2011-0676, CVE-2011-0677, CVE-2011-1225, CVE-2011-1226, CVE-2011-1227, CVE-2011-1228, CVE-2011-1229, CVE-2011-1230, CVE-2011-1231, CVE-2011-1232, CVE-2011-1233)
An attacker with local access to the affected system can exploit these issues to execute arbitrary code in kernel mode and take complete control of the affected system.
SolutionMicrosoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, and 2008 R2.