Vulnerabilities in Windows Kernel Could Allow Remote Code Execution
Description: This security update resolves several privately reported vulnerabilities in the Windows kernel. The most serious vulnerability could allow remote code execution if a user viewed a specially crafted EMF or WMF image file from an affected system. The security update addresses the vulnerabilities by validating input passed from user mode through the kernel component of GDI, correcting the way that the kernel validates handles, and changing the way that the Windows kernel handles specially crafted invalid pointers.
Update type: Critical
Release date: March 10, 2009
Applies to: All
Knowledge base: http://support.microsoft.com/kb/958690
Comments: Note that there are different downloads if you are running Vista SP2 Beta or RC. Here are the specifics on the vulnerabilities covered by this update:
- Windows Kernel Input Validation Vulnerability – CVE-2009-0081
- Windows Kernel Handle Validation Vulnerability – CVE-2009-0082
- Windows Kernel Invalid Pointer Vulnerability – CVE-2009-0083
For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB958690.