Oval Definition:	oval:org.mitre.oval:def:21779
Revision Date: 2014-02-24 Version: 44 Title: Win32k window handle vulnerability in Microsoft Windows (CVE-2014-0262) - MS14-003 Description: win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Server 2008 R2 SP1 does not properly consider thread-owned objects during the processing of window handles, which allows local users to gain privileges via a crafted application, aka "Win32k Window Handle Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2014-0262 Platform(s): Microsoft Windows 7 Microsoft Windows Server 2008 R2 Product(s): Definition Synopsis Win 7 / R2 Microsoft Windows 7 (32-bit) Service Pack 1 is installed OR Microsoft Windows 7 x64 Service Pack 1 is installed OR Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed OR Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed AND Check for vulnerable version Check if the version of Win32k.sys is less than 6.1.7601.18327 OR Check for LDR Check if the version of Win32k.sys is greater than or equal to 6.1.7601.22000 AND Check if the version of Win32k.sys is less than 6.1.7601.22525
BACK