MS11-077: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2567053)
High Nessus Plugin ID 56451
SynopsisThe remote Windows kernel is affected by multiple vulnerabilities.
DescriptionThe remote host is running a version of the Windows kernel that is affected by the following vulnerabilities :
- A NULL pointer deference that could allow privilege escalation. (CVE-2011-1985)
- A DoS caused by processing a specially crafted TrueType font file. (CVE-2011-2002)
- A code execution vulnerability triggered by tricking a user into opening a specially crafted .fon font file.
- A use after free vulnerability that could allow privilege escalation. (CVE-2011-2011)
SolutionMicrosoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, and 2008 R2.