CVE-2012-0148

Name of the Vulnerable Software and Affected Versions Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows Vista SP2 Microsoft Windows Server 2008 SP2, R2, and R2 SP1 Microsoft Windows 7 Gold and SP1 on 64-bit platforms

Description The issue arises from the Ancillary Function Driver (afd.sys) not properly validating user-mode input passed to kernel mode. This could allow a local attacker to gain privileges via a crafted application, potentially executing arbitrary code and taking complete control of an affected system. The attacker could then install programs, view, change, or delete data, or create new accounts with full administrative rights.

Recommendations For Microsoft Windows XP SP2, update to a newer version to mitigate the risk. For Microsoft Windows Server 2003 SP2, update to a newer version to mitigate the risk. For Microsoft Windows Vista SP2, update to a newer version to mitigate the risk. For Microsoft Windows Server 2008 SP2, R2, and R2 SP1, update to a newer version to mitigate the risk. For Microsoft Windows 7 Gold and SP1 on 64-bit platforms, update to a newer version to mitigate the risk. As a temporary workaround, consider restricting access to the Ancillary Function Driver (afd.sys) to minimize the risk of exploitation.