首页 / 操作系统 / Linux / Windows内核模式驱动程序Win32k不正确类型处理漏洞 (MS12-047)
发布日期:2012-07-10 更新日期:2012-07-10受影响系统: Microsoft Windows XP Service Pack 3 0 Microsoft Windows XP Professional x64 Edition S Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Vista SP2 Microsoft Windows Server 2008 R2 x64 SP1 Microsoft Windows Server 2008 R2 x64 0 Microsoft Windows Server 2008 R2 Itanium SP1 Microsoft Windows Server 2008 R2 Itanium 0 Microsoft Windows Server 2008 for x64-based Sys Microsoft Windows Server 2008 for Itanium-based Microsoft Windows Server 2008 for 32-bit System Microsoft Windows Server 2003 x64 SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2003 Itanium SP2 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems 0 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for 32-bit Systems 0 Microsoft Windows 描述: -------------------------------------------------------------------------------- BUGTRAQ ID: 54302 CVE ID: CVE-2012-1893Microsoft Windows是微软公司推出的一系列操作系统。Windows内核模式驱动程序在创建hook过程时不正确验证了参数, 在实现上存在权限提升漏洞,成功利用后可允许在内核模式中运行任意代码。<*来源:Microsoft Lufeng Li (lilf@neusoft.com)
链接:http://www.microsoft.com/technet/security/bulletin/MS12-047.asp *>建议: -------------------------------------------------------------------------------- 厂商补丁:Microsoft --------- Microsoft已经为此发布了一个安全公告(MS12-047)以及相应补丁:MS12-047:Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2718523)链接:http://www.microsoft.com/technet/security/bulletin/MS12-047.aspWindows内核模式驱动程序键盘布局本地权限提升漏洞 (MS12-047)Windows文件/目录名称处理 Shell命令注入漏洞 (MS12-048)相关资讯 不正确类型处理漏洞 本文评论 查看全部评论 (0)
易网时代-编程资源站