According to foreign media reports, Microsoft's Windows 7 operating system came out a new zero-day vulnerability, the vulnerability can cause user's system blue screen of death or subjected to code execution attacks.
Vulnerability research company VUPEN French said the flaw could allow local attackers to execute denial of service attacks (Denial of Service), or to obtain a higher user rights.
When using the "BITMAPINFOHEADER" structure "biClrUsed" value as a counter, Win32k.sys driver file "CreateDIBPalette ()" function buffer overflow errors occur this problem from occurring. When the user receives a bitmap from the clipboard data, an attacker may cause a system crash victims, or to use the kernel to execute arbitrary malicious code.
It is reported that the flaw affects Windows 7, Windows Server 2008 SP2, Windows Server 2003 SP2, Windows Vista SP2 and Windows XP SP3. Currently, Microsoft is investigating the security vulnerabilities.
All right reserved!
No comments:
Post a Comment