Microsoft Patch Day: is that all?

http://www.prevx.com/blog/165/Microsoft-Patch-Day-is-that-all.html

 

Thanks Repne movsb for share MS should have released a fix for win32k.sys stack overflow vulnerability too.

 

Thanks! It's nice that Microsoft only chooses the fixes that they want and leave us open to exploit holes they know about for months!

TH

 

I don't know but since tuesday, they have a patch for the buffer overflow kernel vulnerability in win32k.sys...

From this bulletin... http://www.microsoft.com/technet/security/Bulletin/MS10-dec.mspx

clicking on a link MS10-098

Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2436673)

 

Those updates are not related to the exploit the article is writing about

 

That patch to the kernel mode driver- win32k.sys seems like it. But the way to be sure of is to test the exploit like the way ssj100 did (do before and after patching and see the results)... -http://ssj100.fullsubject.com/security-f7/0-day-exploit-speaks-chinese-bypasses-uac-t298.htm-

..about the "0-day exploit speaks Chinese, bypasses UAC" which Marco Giuliani talks about.

 

No, the patch released by Microsoft is related to other win32k.sys issues, the one discovered on 24th Nov is still unpatched

 

Thanks Marco for stopping by and clearing that up!

TH

 

Oddly there still is no CVE id but you can track it here:
http://secunia.com/advisories/42356/

+ workaround
(at your own risk ...)