Oval Definition:oval:org.mitre.oval:def:26868
Revision Date:2014-12-08Version:23
Title:Windows disk partition driver elevation of privilege vulnerability - CVE-2014-4115 (MS14-063)
Description:fastfat.sys (aka the FASTFAT driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 does not properly allocate memory, which allows physically proximate attackers to execute arbitrary code or cause a denial of service (reserved-memory write) by connecting a crafted USB device, aka "Microsoft Windows Disk Partition Driver Elevation of Privilege Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2014-4115
Platform(s):Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Product(s):
Definition Synopsis
  • 2k8/Vista and vulnerable file version
  • 2k8 / Vista
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • OR Microsoft Windows Server 2008 (32-bit) is installed
  • OR Microsoft Windows Server 2008 (64-bit) is installed
  • OR Microsoft Windows Server 2008 (ia-64) is installed
  • AND Check for vulnerable versions
  • Check for LDR
  • Check if the version of fastfat.sys is less than 6.0.6002.23480
  • AND Check if the version of fastfat.sys is greater than or equal to 6.0.6002.23000
  • OR Check if the version of fastfat.sys is less than 6.0.6002.19176
  • OR 2k3 and vulnerable file version
  • Check for Windows Server 2003 SP2 (x86)/(x64)/(ia64)
  • Microsoft Windows Server 2003 (32-bit) is installed
  • OR Microsoft Windows Server 2003 (x64) is installed
  • OR Microsoft Windows Server 2003 for Itanium is installed
  • AND Check if the version of fastfat.sys is less than 5.2.3790.5425
    • BACK