Windows Kernel Zero-Day Vulnerability
Prevx reported that an exploit for a previously unknown security vulnerability in win32k.sys kernel mode driver Windows was published in a Chinese forum. The vulnerability allows attackers to penetrate a system to increase its privileges; this can for example be used to insert a rootkit in the operating system. According to Prevx, the vulnerability affects both 32 and 64-bit systems on versions of Windows XP, Vista and Windows 7. VUPEN reports that Windows 2008 SP2 is also vulnerable to this attack. a buffer overflow in function NtGdiEnableEUDC Allows an attacker to inject a return address by pointing to his own code. This code can be run with system privileges. Microsoft is working on a solution to this problem, but none patch available at the moment. An exploit for an old vulnerability in the Windows task planner had been published a few days ago, and a critical vulnerability in Internet Explorer including version 8 also remains uncorrected. hot fixes are available for the latter. It is not yet clear when Microsoft will be able to fix the vulnerabilities; the next patch day It is scheduled for December 14.I give you a tip, USE LINUX! Founder of blog and channel Diolinux, passionate about technology and games.