Ryan Naraine over on our sister-site, ZDNet, is reporting that another zero-day vulnerability has been reported for Microsoft Windows 7. A successful attack using this attack vector could lead to blue-screen crashes or code execution attacks. The vulnerability does require local access, which should limit widespread exploits of this particular vulnerability.
The advisory was issued by VUPEN, a French security research outfit. Their advisory summarizes the problem:
This issue is caused by a buffer overflow error in the “CreateDIBPalette()” function within the kernel-mode device driver “Win32k.sys” when using the “biClrUsed” member value of a “BITMAPINFOHEADER” structure as a counter while retrieving Bitmap data from the clipboard, which could be exploited by malicious users to crash an affected system or potentially execute arbitrary code with kernel privileges.
Tomorrow is Microsoft’s scheduled monthly patch day, but all indications are that this zero-day vulnerability is too newly discovered to be a part of Microsoft Patch Tuesday. However, I expect Justin James will have plenty to report.
