CVE-2008-3464

Name of the Vulnerable Software and Affected Versions Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 versions SP1 through SP2

Description The issue arises from improper validation of input sent from user mode to the kernel in the Ancillary Function Driver (AFD) component. This allows local users to gain privileges via a crafted application, potentially enabling an attacker to run code with elevated privileges and execute arbitrary code, thereby taking complete control of an affected system. The attacker could then install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Windows XP versions SP2 through SP3, update to a version that properly validates input passed from user mode to the kernel. For Microsoft Windows Server 2003 versions SP1 through SP2, update to a version that properly validates input passed from user mode to the kernel. As a temporary workaround, consider restricting access to the Ancillary Function Driver (afd.sys) to minimize the risk of exploitation.