New Windows Kernel Flaw Affects XP to Windows 7

Dennis Faas's picture

Microsoft is reportedly investigating a new kernel flaw affecting all versions of the Windows operating system (OS), including the new Windows 7. The investigation began on Friday after an Israeli researcher alerted Microsoft to the issue.

In computing, the kernel is the central component of an operating system which is responsible for bridging software programs to hardware inside the computer.

Microsoft says it is working on the issue and will release a patch once it's ready. "Microsoft is investigating reports of a possible vulnerability in Windows Kernel," said the software company's Jerry Bryant in a statement on Friday. "Upon completion of the investigation, Microsoft will take appropriate action to protect its customers." (Source: topnews.us)

Remote Code Execution Possible

Tel Aviv security researcher Gil Dabah first reported the issue, claiming that the vulnerability could allow hackers remote access to a targeted system, giving them the ability to execute arbitrary code with kernel privileges. Dabah was able to demonstrate how the bug works by publishing a proof-of-concept on security blog RageStorm.com, a site he helps to run. (Source: computerworld.com)

It's said the flaw exists inside the "CreateDIBPalette" function of the device driver "Win32k.sys." According to security firm Secunia, hackers can use the device to their advantage by copying color values to an allocated buffer.

Thus far, Microsoft has patched 13 kernel vulnerabilities in 2010. Three affecting Win32k.sys were fixed in June alone.

Researcher Says Kernel Flaws Are Nothing New

Tavis Ormandy, a security blogger made famous when he reported a similar Microsoft vulnerability earlier this summer, says these kinds of Windows kernel flaws are pretty frequent.

"I don't think there's been more than a few days this year that Microsoft [hasn't] been vulnerable to public kernel flaws," Ormandy noted on Twitter. Ormandy has reported three kernel flaws in Windows this year.

Rate this article: 
No votes yet