CVE-2010-0232

Name of the Vulnerable Software and Affected Versions Microsoft Windows NT versions 3.1 through 7 Microsoft Windows 2000 version SP4 Microsoft Windows XP versions SP2 and SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista versions Gold, SP1, and SP2 Microsoft Windows Server 2008 versions Gold and SP2

Description The issue is related to the kernel in Microsoft Windows not properly validating certain BIOS calls when access to 16-bit applications is enabled on a 32-bit x86 platform. This allows local users to gain privileges by crafting a VDM TIB data structure in the Thread Environment Block (TEB) and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (NTVDM) subsystem. The vulnerability involves improperly handled exceptions, including the #GP trap handler (nt!KiTrap0D). An attacker who successfully exploits this issue could run arbitrary code in kernel mode, potentially allowing them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Windows NT versions 3.1 through 7, update to a version that includes the fix for this issue. For Microsoft Windows 2000 version SP4, apply the recommended patch or update to a newer version. For Microsoft Windows XP versions SP2 and SP3, apply the recommended patch or update to a newer version. For Microsoft Windows Server 2003 version SP2, apply the recommended patch or update to a newer version. For Microsoft Windows Vista versions Gold, SP1, and SP2, apply the recommended patch or update to a newer version. For Microsoft Windows Server 2008 versions Gold and SP2, apply the recommended patch or update to a newer version. As a temporary workaround, consider disabling access to 16-bit applications on 32-bit x86 platforms to minimize the risk of exploitation.