R136A1

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows versions prior to the fixed version Windows Server 2003 SP2 Windows Vista SP2 Windows Server 2008 SP2 **Description** The issue is related to insufficient access restrictions in the Win32k.sys driver of Windows operating systems. Exploitation of this issue can allow an attacker to elevate their privileges. It is known that this vulnerability has been exploited in the wild, specifically in April 2015. An attacker who successfully exploits this vulnerability could run arbitrary code in kernel mode, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. **Recommendations** For Windows Server 2003 SP2, consider applying the necessary security updates to resolve the issue. For Windows Vista SP2, apply the relevant security patches to fix the vulnerability. For Windows Server 2008 SP2, install the available security update to mitigate the risk. As a temporary workaround, consider restricting access to the Win32k.sys driver until a patch is applied.