Nils Sommer

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows (affected versions not specified) **Description** The issue is related to insufficient access control in Windows kernel mode drivers, which can be exploited by a local attacker using a specially crafted application to elevate privileges. This is an elevation-of-privilege issue that affects the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Vista SP2 Windows Server 2008 SP2 and R2 SP1 Windows 7 SP1 Windows 8 Windows 8.1 Windows Server 2012 Gold and R2 Windows RT Gold and 8.1 Windows 10 Gold and 1511 **Description** The issue is related to insufficient access restrictions to certain functions in the Windows kernel, allowing a local attacker to elevate privileges using a specially crafted application. The vulnerability exists in the way Windows handles objects in memory, potentially enabling an attacker to run arbitrary code in kernel mode after logging on to the target system. This could allow the installation of programs, viewing, changing, or deleting data, or creating new accounts with full user rights. **Recommendations** For Windows Vista SP2, update to a newer version to mitigate the risk. For Windows Server 2008 SP2 and R2 SP1, update to a newer version to mitigate the risk. For Windows 7 SP1, update to a newer version to mitigate the risk. For Windows 8, update to a newer version to mitigate the risk. For Windows 8.1, update to a newer version to mitigate the risk. For Windows Server 2012 Gold and R2, update to a newer version to mitigate the risk. For Windows RT Gold and 8.1, update to a newer version to mitigate the risk. For Windows 10 Gold and 1511, update to a newer version to mitigate the risk.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows Vista SP2 Microsoft Windows Server 2008 SP2 and R2 SP1 Microsoft Windows 7 SP1 **Description** The issue is caused by a buffer overflow in the Network Driver Interface Standard (NDIS) implementation, allowing local users to gain privileges via a crafted application. An elevation of privilege vulnerability exists when NDIS fails to check the length of a buffer prior to copying memory into it. To exploit the vulnerability, an attacker would first have to log on to the system. **Recommendations** For Microsoft Windows Vista SP2, update to a newer version that contains a fix for this issue. For Microsoft Windows Server 2008 SP2 and R2 SP1, update to a newer version that contains a fix for this issue. For Microsoft Windows 7 SP1, update to a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to the NDIS implementation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to insufficient access restrictions to certain features in the Windows operating system. It can be exploited by a local attacker using a specially crafted application to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Server 2003 SP2 and R2 SP2 Windows Vista SP2 Windows Server 2008 SP2 and R2 SP1 Windows 7 SP1 Windows 8 Windows 8.1 Windows Server 2012 Gold and R2 Windows RT Gold and 8.1 **Description** The issue is related to insufficient access restrictions to certain functions in the win32k.sys driver of the Windows operating system. Exploitation of this issue can allow a local attacker to elevate their privileges using a specially crafted application. This is due to the way the Windows kernel-mode driver handles objects in memory, potentially allowing an attacker to run arbitrary code in kernel mode. If successfully exploited, an attacker could install programs, view, change, or delete data, or create new accounts with full user rights. To exploit this issue, an attacker would first need to log on to the system. **Recommendations** For Windows Server 2003 SP2 and R2 SP2, update to a newer version that includes the fix for this issue. For Windows Vista SP2, update to a newer version that includes the fix for this issue. For Windows Server 2008 SP2 and R2 SP1, update to a newer version that includes the fix for this issue. For Windows 7 SP1, update to a newer version that includes the fix for this issue. For Windows 8, update to a newer version that includes the fix for this issue. For Windows 8.1, update to a newer version that includes the fix for this issue. For Windows Server 2012 Gold and R2, update to a newer version that includes the fix for this issue. For Windows RT Gold and 8.1, update to a newer version that includes the fix for this issue. As a temporary workaround, consider restricting access to the win32k.sys driver until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Windows Server 2003 versions SP2 and R2 SP2 Windows Vista version SP2 Windows Server 2008 versions SP2 and R2 SP1 Windows 7 version SP1 Windows 8 Windows 8.1 Windows Server 2012 versions Gold and R2 Windows RT versions Gold and 8.1 **Description** The issue is related to the kernel-mode drivers in Windows, allowing local users to gain privileges or cause a denial of service via a crafted application. This is due to insufficient validation of certain data passed from user mode, which could enable an attacker to run arbitrary code in kernel mode. The exploitation of this issue may lead to an attacker being able to install programs, view, change, or delete data, or create new accounts with full user rights. **Recommendations** For Windows Server 2003 SP2 and R2 SP2, update to a newer version to mitigate the risk. For Windows Vista SP2, update to a newer version to mitigate the risk. For Windows Server 2008 SP2 and R2 SP1, update to a newer version to mitigate the risk. For Windows 7 SP1, update to a newer version to mitigate the risk. For Windows 8, update to a newer version to mitigate the risk. For Windows 8.1, update to a newer version to mitigate the risk. For Windows Server 2012 Gold and R2, update to a newer version to mitigate the risk. For Windows RT Gold and 8.1, update to a newer version to mitigate the risk. As a temporary workaround, consider restricting access to the kernel-mode driver until a patch is available.