Microsoft Windows Knowledge Base Article 2645640 update is not installed (WinMs12kb2645640Update)

Vuln ID: 72841
Risk Level: High risk vulnerability
Platforms: Microsoft Windows Server 2003: SP2, Microsoft Windows Server 2003: SP2 Itanium, Microsoft Windows Server 2003: SP2 x64, Microsoft Windows XP: SP2 x64 Professional, Microsoft Windows Server 2008: x64, Microsoft Windows Vista: SP2 x64, Microsoft Windows Server 2008: R2 x64, Microsoft Windows Server 2008: R2 Itanium, Microsoft Windows Server 2008: SP2 Itanium, Microsoft Windows 7: SP1 x64, Microsoft Windows Server 2008: R2 SP1 x64, Microsoft Windows Server 2008: R2 SP1 Itanium
Description:

Microsoft Windows Knowledge Base Article 2645640 update is not installed on the system, which could allow an attacker to exploit the following vulnerabilities:

The Microsoft Windows Ancillary Function Driver (afd.sys) could allow a local attacker to gain elevated privileges on the system, caused by improper validation of input passed from user mode to the kernel. By executing a malicious application on the vulnerable system, a local attacker with valid login credentials could exploit this vulnerability to execute arbitrary code on the system with elevated privileges.

Remedy:

Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS12-009. See References.

False Positives:
False Negatives:
Required Permission: Windows login
Additional Information:

References:

Microsoft Security Bulletin MS12-009
Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege (2645640)
http://technet.microsoft.com/en-us/security/bulletin/ms12-009

IBM Internet Security Systems X-Force Database
Microsoft Windows Ancillary Function Driver privilege escalation
http://xforce.iss.net/xforce/xfdb/72839

IBM Internet Security Systems X-Force Database
Microsoft Windows Ancillary Function Driver privilege escalation
http://xforce.iss.net/xforce/xfdb/72840

ISS X-Force
Microsoft Windows Knowledge Base Article 2645640 update is not installed
http://www.iss.net/security_center/static/72841.php

CVE CVE-2012-0148
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0148

CVE CVE-2012-0149
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0149
