PT-2010-3261 · Beijing Rising International · Rising Antivirus

Published: 2010-04-28 · Updated: 2017-08-17 · CVE-2010-1591

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Beijing Rising International Rising Antivirus versions 2008 through 2010

Description

The issue arises from improper validation of input to certain IOCTLs, including 0x83003C07, which allows local users to gain privileges via crafted IOCTL requests. It affects the device drivers HookCont.sys, HookNtos.sys, HOOKREG.sys and HookSys.sys, as well as the RsNTGdi.sys kernel module, which can be reached through \Device\RSNTGDI.

Recommendations

For Beijing Rising International Rising Antivirus versions 2008 through 2010, consider disabling the affected device drivers (HookCont.sys, HookNtos.sys, HOOKREG.sys, HookSys.sys) and the RsNTGdi.sys kernel module as a temporary workaround until a patch is available. Restrict access to IOCTL 0x83003C07 to minimize the risk of exploitation.

Exploit

Fix

RCE


Weakness Enumeration

Related Identifiers

CVE-2010-1591

Affected Products

Rising Antivirus