Microsoft has confirmed a privilege-escalation vulnerability in the Windows kernel, one day after a Google engineer posted details of the flaw to the Full Disclosure mailing list.
Jerry Bryant, senior security program manager at Microsoft, said in a blog post that the bug affects all supported versions of 32-bit Windows, while 64-bit versions, which includes Windows Servers 2008 R2, are not impacted.
In addition, the vulnerability is difficult to exploit, he said. As a result, Microsoft deems the risk to users to be low, and the software giant is not aware of any public attacks exploiting the flaw.
"To exploit this vulnerability, an attacker must already have valid logon credentials and be able to log on to a system locally, meaning they must already have an account on the system," Bryant said. "An attacker could then elevate their privileges to the administrative level and run programs of their choice on the system.
As users await a patch — Microsoft's next security update is due out February 9 — they can disable the NT Virtual DOS Mode (NTVDM) subsystem if they do not require NTVDM or support for 16-bit applications, he said.
Microsoft's disclosure of the zero-day vulnerability comes one day before Microsoft was set to release an emergency fix for a dangerous Internet Explorer hole that has been leveraged in the widely publicised Chinese espionage attacks on Google and other high-profile companies.
See original article on scmagazineus.com
Microsoft confirms low-risk zero-day in Windows kernel
Less risky than notorious IE flaw.
Got a news tip for our journalists? Share it with us anonymously here.
Sponsored Whitepapers

See everything. Do more.

Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra

Diamond IT Delivers GRC Transformation with Microsoft Purview

Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks

Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy