Remote Code Execution Vulnerabilities in Windows Kernel-Mode Drivers - MS09-065ID: oval:org.secpod.oval:def:2244 | Date: (C)2011-09-12 (M)2023-12-14 |
Class: PATCH | Family: windows |
The host is missing a critical security update according to Microsoft security bulletin, MS09-065. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Windows kernel, which fails to validate the argument passed to the system call and input passed from user mode through the kernel and handle a specially crafted Embedded OpenType (EOT) font. Successful exploitation allows an attacker to execute arbitrary code or take complete control of an affected system.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Server 2003 |
Microsoft Windows Vista |
Microsoft Windows Server 2008 |