ITsVISTA
Information that makes life easier when it comes to installing, managing, and using Windows Vista.
Start About FAQ Blogroll Shop

ITsVISTA KB-Link: KB971486

Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege

UpdatesDescription: This security update resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow elevation of privilege if an attacker logged on to the system and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit any of these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users. The security update addresses the vulnerabilities by ensuring that the Windows kernel truncates 64-bit values properly, ensuring that the Windows kernel properly validates data within an executable, and ensuring that the Windows kernel cleans up exceptions under error conditions.

Update type: Important

Release date: October 13, 2009

Applies to: All versions

Knowledge base: http://support.microsoft.com/kb/971486

Download link: 32-bit | 64-bit
Comments:Here are the specifics on the vulnerabilities covered by this update:

  • Windows Kernel Integer Underflow Vulnerability – CVE-2009-2515
  • Windows Kernel NULL Pointer Dereference Vulnerability – CVE-2009-2516
  • Windows Kernel Exception Handler Vulnerability – CVE-2009-2517
There is a download that resolves this issue.

For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB971486.

Get notified of new posts for FREE via RSS or E-mail

Subscribe to ITsVISTA!

Related Posts