Windows内核模式驱动程序键盘布局本地权限提升漏洞 (MS12-047)

受影响系统:

Microsoft Windows XP Service Pack 3 0
Microsoft Windows  XP Professional x64 Edition S
Microsoft Windows  Vista x64 Edition SP2
Microsoft Windows  Vista SP2
Microsoft Windows  Server 2008 R2 x64 SP1
Microsoft Windows  Server 2008 R2 x64 0
Microsoft Windows  Server 2008 R2 Itanium 0
Microsoft Windows  Server 2008 for x64-based Sys
Microsoft Windows  Server 2008 for Itanium-based
Microsoft Windows  Server 2008 for 32-bit System
Microsoft Windows  Server 2003 x64 SP2
Microsoft Windows  Server 2003 Itanium SP2
Microsoft Windows  7 for x64-based Systems SP1
Microsoft Windows  7 for x64-based Systems 0
Microsoft Windows  7 for 32-bit Systems SP1
Microsoft Windows  7 for 32-bit Systems 0
Microsoft Windows

描述:


BUGTRAQ  ID: 54285
CVE ID: CVE-2012-1890

Microsoft Windows是微软公司推出的一系列操作系统。

Windows内核模式驱动程序处理特定键盘布局时存在权限提升漏洞,成功利用后可允许在内核模式中运行任意代码。

<*来源:Microsoft
Nicolas Economou

链接:http://www.microsoft.com/technet/security/bulletin/MS12-047.asp
*>

建议:


厂商补丁:

Microsoft
———
Microsoft已经为此发布了一个安全公告(MS12-047)以及相应补丁:

MS12-047:Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of  Privilege (2718523)

链接:http://www.microsoft.com/technet/security/bulletin/MS12-047.asp

评论关闭。