CVE-2012-0178

Name of the Vulnerable Software and Affected Versions Windows Partition Manager versions in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1

Description The issue is related to an elevation of privilege vulnerability in the way Windows Partition Manager handles device relations requests. This could allow an attacker to run arbitrary code in kernel mode, enabling them to install programs, view, change, or delete data, or create new accounts with full administrative rights. The vulnerability can be exploited by making multiple simultaneous Plug and Play (PnP) Configuration Manager function calls via a crafted application.

Recommendations For Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.