Microsoft · Win32K.Sys · CVE-2011-1886
**Name of the Vulnerable Software and Affected Versions**
Microsoft Windows XP SP3
**Description**
An information disclosure issue exists due to improper validation of function parameters in Windows kernel-mode drivers. The flaw allows an attacker to access data from any kernel-mode memory location, including data from the SAM file. A local user can exploit it by running a crafted application that triggers a NULL pointer dereference.
**Recommendations**
For Microsoft Windows XP SP3, consider restricting access to kernel-mode memory locations until a patch is available.
As a temporary workaround, avoid using applications that trigger NULL pointer dereferences in the win32k.sys driver until the issue is resolved.