You are here

U-045: Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny Service

November 25, 2011 - 9:00am

Addthis

PROBLEM:

A vulnerability was reported in the Windows Kernel. A local user can cause denial of service conditions.

PLATFORM:

Windows Win32k.sys

ABSTRACT:

Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny

reference LINKS:

SecurityTracker Alert ID: 1026347
Secunia ID: SA46919

IMPACT ASSESSMENT:

Low

Discussion:

A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The vulnerability is caused due to an indexing error in the win32k.sys driver when loading a keyboard layout file. This can be exploited to access an invalid memory location resulting in a system crash.
The vulnerability is confirmed on a fully patched Windows XP SP3 (win32k.sys version 5.1.2600.6149). Other versions may also be affected.

Impact:

DoS (Denial of Service)
This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system.

Solution:

Restrict access to trusted users only.

Addthis