Description: This security update resolves one publicly disclosed and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logged on to the system and then ran a specially crafted application. To exploit either vulnerability, an attacker must have valid logon credentials and be able to log on locally. The vulnerabilities could not be exploited remotely or by anonymous users.The security update addresses the vulnerabilities by ensuring that the Windows Kernel handles exceptions properly. Keep reading →

Microsoft is investigating new public reports of a vulnerability in the Windows kernel. We are not aware of attacks that try to use the reported vulnerability or of customer impact at this time.
We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers.
Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-band security update, depending on customer needs.

Description: This security update resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font. In a Web-based attack scenario, an attacker would have to host a Web site that contains specially crafted embedded fonts that are used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a specially crafted Web site. Instead, an attacker would have to convince the user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the attacker’s site. The security update addresses the vulnerabilities by correcting the method used for validating the argument passed to the system call, validating input passed from user mode through the kernel component of GDI, and correcting the manner in which Windows kernel-mode drivers parse font code. Keep reading →

Description: This security update resolves several privately reported vulnerabilities in the Windows kernel. The most severe of the vulnerabilities could allow elevation of privilege if an attacker logged on to the system and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit any of these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users. The security update addresses the vulnerabilities by ensuring that the Windows kernel truncates 64-bit values properly, ensuring that the Windows kernel properly validates data within an executable, and ensuring that the Windows kernel cleans up exceptions under error conditions. Keep reading →

Description: This security update resolves two publicly disclosed and two privately reported vulnerabilities in the Windows kernel that could allow elevation of privilege. An attacker who successfully exploited any of these vulnerabilities could execute arbitrary code and take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have valid logon credentials and be able to log on locally to exploit these vulnerabilities. The vulnerabilities could not be exploited remotely or by anonymous users. The security update addresses these vulnerabilities by correcting the methods used for validating a change in specific kernel objects, for validating the input passed from user mode to the kernel, and for validating the argument passed to the system call. Keep reading →

Description: This security update resolves several privately reported vulnerabilities in the Windows kernel. The most serious vulnerability could allow remote code execution if a user viewed a specially crafted EMF or WMF image file from an affected system. The security update addresses the vulnerabilities by validating input passed from user mode through the kernel component of GDI, correcting the way that the kernel validates handles, and changing the way that the Windows kernel handles specially crafted invalid pointers. Keep reading →

Transport Driver Interface: The protocol understood by the upper edge of the Transport layer of the Microsoft Windows kernel network stack.

Description: This security update resolves one publicly disclosed and two privately reported vulnerabilities in the Windows kernel. A local attacker who successfully exploited these vulnerabilities could take complete control of an affected system. The vulnerabilities could not be exploited remotely or by anonymous users. The security update addresses the vulnerabilities by correcting window property validation passed during the new window creation process, correcting the manner in which system calls from multiple threads are handled, and correcting validation of parameters passed to the Windows Kernel from user mode. Keep reading →

Consider the following scenario:

• You are running a Windows Vista Service Pack 1 (SP1)-based computer.
• Antivirus and antispyware with e-mail scanning software is installed on the computer.
• An e-mail client, such as Microsoft Office Outlook or Windows Mail, is configured to receive POP3 or SMTP e-mail messages.

When you start the e-mail client, or when you try to send or receive e-mail messages, Windows Vista crashes. Additionally, you receive the following Stop error message:

STOP: 0×1000008E (Parameter1, Parameter2, Parameter3, Parameter4) In TCPIP.SYS
KERNEL_MODE_EXCEPTION_NOT_HANDLED_M

Note: This issue does not occur if one of the following conditions is true:

• The e-mail client is configured to receive HTTP e-mail messages instead of POP3 or SMTP e-mail messages.
• The e-mail client works offline.

Description: This security update resolves a privately reported vulnerability in the Windows kernel. A local attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts. Keep reading →