Two Critical Vulnerabilities Discovered in Windows Kernel Drivers
( Microsoft Security Bulletin MS12-078, CVE-2012-2556, CVE-2012-4786 )
Summary
Critical vulnerabilities in the OpenType and TrueType drivers can be exploited to allow remote code execution on a targeted machine. The Check Point IPS Software Blade provides immediate protection against these issues for unpatched systems.
Details
OpenType and Truetype are scalable outline font standards used for on-screen and printing typography.
The vulnerabilities in the OpenType and TrueType drivers are due to how the drivers handle objects in memory. Both can be exploited by an attacker by convincing a user to open a maliciously crafted document or web site, allowing the attacker to then install programs; view, change, or delete data; or create new accounts with full administrative rights on the targeted machine.
Solution
Check Point recommends applying the updates detailed in MS12-078 to vulnerable systems as soon as is practical. In the meantime, the Check Point IPS Software Blade provides immediate protection for unpatched systems by detecting and blocking attempts to exploit the vulnerabilities. For more information about the operating systems that are vulnerable to each driver issue, see CPAI-2012-1279 and CPAI-2012-1291.
Originally Published:
Last Updated: 12-Dec-2012