Description: This security update resolves one publicly disclosed and two privately reported vulnerabilities in the Windows kernel. A local attacker who successfully exploited these vulnerabilities could take complete control of an affected system. The vulnerabilities could not be exploited remotely or by anonymous users. The security update addresses the vulnerabilities by correcting window property validation passed during the new window creation process, correcting the manner in which system calls from multiple threads are handled, and correcting validation of parameters passed to the Windows Kernel from user mode.
Update type: Important
Release date: October 14, 2008
Applies to: All
Knowledge base: http://support.microsoft.com/kb/954211
Comments: Here are the specifics on the vulnerabilities covered by this update: