(MS09-065) Win32k Insufficient Data Validation Vulnerability (969947)

Type: Logic error
Impact of exploitation: Privilege Escalation
User Interaction: No user interaction is needed
Attack Vector: Authenticated locally logged on user with limited privileges
Rating: Medium
CVE reference: CVE-2009-2513
Vendor Status: Responded and patched
Vulnerable systems:
Windows 2000 SP4
Windows XP SP3
Windows XP X64 Professional
Windows Server 2003 SP2
Windows Server 2003 Itanium SP2
Windows Vista SP1
Windows Vista X64 SP1
Windows Server 2008 RTM
Summary
A privilege escalation vulnerability exists in Windows kernel-mode drivers.

Description

The vulnerability is caused by improper validation of input passed from user mode through the kernel component of GDI. Successful exploitation of the vulnerability could allow an attacker to run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

McAfee Product Mitigation & Recommendations

Recommendations

The vendor has released patches to address this issue: http://www.microsoft.com/technet/security/bulletin/ms09-065.mspx

McAfee Product Mitigation

McAfee Foundstone
Signature: (MS09-065) Win32k Insufficient Data Validation Vulnerability (969947)
Signature identifier: 7317
Release date: 11/10/2009

Additional Resources

(MS09-065) Win32k Insufficient Data Validation Vulnerability (969947)

http://www.microsoft.com/technet/security/bulletin/ms09-065.mspx

Timeline

11/10/2009: Vendor has provided a patch.
