You are here

U-028: Microsoft Windows win32k.sys TrueType Font Parsing Vulnerability

November 7, 2011 - 8:15am

Addthis

PROBLEM:

Microsoft Windows win32k.sys TrueType Font Parsing Vulnerability.

PLATFORM:

Microsoft Windows 7
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2008
Microsoft Windows Storage Server 2003
Microsoft Windows Vista
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional

ABSTRACT:

A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

referenceĀ  LINKS:

Microsoft Security Advisory (2639658)
Secunia Advisory:SA46724
SecurityFocus Bugtraq ID: 50462
CVE-2011-3402

IMPACT ASSESSMENT:

High

Discussion:

The vulnerability is caused due to an error within the Win32k kernel-mode driver (win32k.sys) when parsing TrueType fonts. Successful exploitation allows execution of arbitrary code.

Impact:

This issue is being exploited in the wild by W32.Duqu. Duqu Zero-Day Exploit.

Solution:

Microsoft is investigating a vulnerability in a Microsoft Windows component, the Win32k TrueType font parsing engine.
To obtain the latest MS product downloads, Microsoft Support.

Addthis