win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka "Win32k.sys Elevation of Privilege Vulnerability."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows 7 - |
||
microsoft windows 8.1 - |
||
microsoft windows server 2003 |
||
microsoft windows vista |
||
microsoft windows server 2012 r2 |
||
microsoft windows rt 8.1 - |
||
microsoft windows 8 - |
||
microsoft windows server 2012 - |
||
microsoft windows server 2008 |
||
microsoft windows server 2008 r2 |
||
microsoft windows rt - |
Playboy ploy not beneath APT3
Sysadmins who have not yet patched their Windows boxes against the 18-year-old "unicorn-like" OLE bug disclosed last month could expect a deluge of spear phishing smut from a group once confined to lofty targeted zero-day attacks. The talented APT3 group was behind widespread zero-day attacks code-named Clandestine Fox earlier this year and was now targeting recently patched Windows vulnerabilities, according to FireEye researchers. That group had begun spewing spear-phishing emails targeting tw...
Update (2014.10.15) – administrative notes for preparation… Friends on Twitter let me know their update cycle took close to 20 minutes on Windows 7. Yesterday, others on 8.1 told me their update download was around a gig, for some it was ~200 mb. Also, this cycle likely requires everyone a reboot to complete. ******* This morning was possibly one of the most information rich in the history of Microsoft’s patch Tuesdays. Last month, we pointed out the Aurora Panda/DeputyDog actor was l...