Microsoft has issued a security advisory (2914486) informing the customers that Windows Kernel could allow elevation of privilege to attackers due the exploit of a bug in Windows XP’s NDPROXY.SYS driver.
“We are aware of limited, targeted attacks that attempt to exploit this vulnerability. Our investigation of this vulnerability has verified that it does not affect customers who are using operating systems newer than Windows XP and Windows Server 2003.” reported Microsoft.
Hackers could exploit the flaw to execute arbitrary code in the system’s kernel running it from a standard user account, be aware the vulnerability cannot be used for remote code execution.
“An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users” states the advisory.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.