UpdatesDescription: This security update resolves a privately reported vulnerability in Virtual Address Descriptor. The vulnerability could allow elevation of privilege if a user runs a specially crafted application. An authenticated attacker who successfully exploited this vulnerability could gain elevation of privilege on an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. The security update addresses the vulnerability by modifying the way that Virtual Address Descriptor handles memory allocation variables.

Update type: Important

Release date: October 14, 2008

Applies to: All

Knowledge base: http://support.microsoft.com/kb/956841

Download link: 32-bit | 64-bit

Comments: Here are the specifics on the vulnerabilities covered by this update:

  • Virtual Address Descriptor Elevation of Privilege Vulnerability – CVE-2008-4036

Leave a Reply