Sergey Golovanov

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** An issue exists due to the way Windows kernel-mode drivers load specific keyboard layouts, allowing an attacker to potentially run arbitrary code in kernel mode. This could enable the attacker to install programs, view, change, or delete data, or create new accounts with full user rights. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows Vista SP1 and SP2 Microsoft Windows Server 2008 Gold, SP2, and R2 Microsoft Windows 7 **Description** The Windows Task Scheduler does not properly determine the security context of scheduled tasks, allowing local users to gain privileges via a crafted application. An elevation of privilege vulnerability exists due to the improper validation of scheduled tasks' security context. This could allow an attacker to run arbitrary code in the security context of the local system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights. **Recommendations** For Microsoft Windows Vista SP1 and SP2, update to a version that properly validates the security context of scheduled tasks. For Microsoft Windows Server 2008 Gold, SP2, and R2, apply the necessary patch to fix the improper validation issue. For Microsoft Windows 7, ensure that the Windows Task Scheduler is updated to a version that correctly determines the security context of scheduled tasks.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows XP SP2 and SP3 Microsoft Windows Server 2003 SP2 Microsoft Windows Vista SP1 and SP2 Microsoft Windows Server 2008 Gold, SP2, and R2 Microsoft Windows 7 **Description** The issue arises from the Print Spooler service's failure to properly validate spooler access permissions when printer sharing is enabled. This allows remote attackers to create files in a system directory and execute arbitrary code by sending a crafted print request over RPC. The vulnerability has been exploited in the wild. It is caused by insufficient input validation, which could enable a remote attacker to execute arbitrary code. If successfully exploited, an attacker could take complete control of an affected system, install programs, view, change, or delete data, or create new accounts. **Recommendations** For Microsoft Windows XP SP2 and SP3, apply the security update from Microsoft to fix the vulnerability. For Microsoft Windows Server 2003 SP2, apply the security update from Microsoft to fix the vulnerability. For Microsoft Windows Vista SP1 and SP2, apply the security update from Microsoft to fix the vulnerability. For Microsoft Windows Server 2008 Gold, SP2, and R2, apply the security update from Microsoft to fix the vulnerability. For Microsoft Windows 7, apply the security update from Microsoft to fix the vulnerability.