Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges, and bypass the User Account Control (UAC) feature, via a crafted REG_BINARY value for a SystemDefaultEUDCFont registry key, aka "Driver Improper Interaction with Windows Kernel Vulnerability."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows xp |
||
microsoft windows 2003 server |
||
microsoft windows server 2008 r2 |
||
microsoft windows server 2008 |
||
microsoft windows vista |
||
microsoft windows 7 |
Stolen card values on the way down ahead of chip card debut
A hacker group has stolen some 10 million credit cards, putting itself in a position to score US$400 million (£279 million, A$516 million) by infecting 2000 payment terminals with the Trinity point of sales malware. Security firm FireEye and subsidiaries iSIGHT Partners and Mandiant examined the "Fin6" group last year after it was found plundering millions of cards. The first two firms now say the cards stolen from hospitality and retails firms have earned the hacking group hundreds of millions...