Windows又现内核漏洞
Updated: 29 Jun 2009
近期有几个Windows内核漏洞值得大家关注。这些漏洞可能被攻击者加以利用。截至目前,微软方面尚未发布相关的官方消息及针对这些漏洞的补丁。
漏洞之一存在于Windows 2000/ Windows XP/ Windows Server 2003 平台上,由不安全的Win32系统调用导致。Windows Vista和Windows 7系统不受影响。另一个漏洞涉及Windows XP SP2的系统端口驱动文件atapi.sys。漏洞的触发基于对用户台提交数据的过滤不严格。由于存在漏洞的函数未对由用户台传入的参数进行验证,从而可能导致内核数据被覆盖,引发系统蓝屏(BSOD)和拒绝服务(DoS)攻击。
我们目前尚未监测到利用此类漏洞的安全威胁。赛门铁克将对此保持紧密关注并进行进一步更新。
Blog Entry Filed Under:
About Security Response Blog
Our security research centers around the world provide unparalleled analysis of and protection from malware, security risks, vulnerabilities, and spam.
Filter by:
Recently on Twitter
threatintel
- Strange Case of W32.Xpaj.B as Patient Zero http://t.co/8872Zu17 #virus24 May 2012
- A legitimate digitally signed file is misused in order to load #malware on to a computer: http://t.co/wZjNKKCh24 May 2012
- ZTE Score: Privilege of Escalation in a Nutshell http://t.co/Svj5T57F23 May 2012
- #Worm Posts on SNS Sites and Wipes out Rivals http://t.co/RWRIZdzU18 May 2012
- Beware #419 scams taking advantage of the #Facebook IPO: http://t.co/7TPOvR8w18 May 2012
Blog Tags
Endpoint Protection (AntiVirus) Spam Malicious Code Online Fraud Vulnerabilities & Exploits phishing Security Risks Messaging Gateway Message Filter Symantec Protection Suites (SPS) Hosted Mail Security Mail Security for Exchange/Domino Emerging Threats Email Encryption Evolution of Security Mobile & Wireless Endpoint Encryption IT Risk Management W32.Stuxnet facebook Microsoft Patch Tuesday 10.x Internet Security Threat Report 9.x and Earlier 11.x