An error occurred:

Check: 2011-B-0104

windows 7 iavm: 2011-B-0104 (in version v1 r32)

Title

Microsoft Windows Kernel Remote Denial of Service Vulnerability (Cat II impact)

Discussion

Microsoft has released a security bulletin addressing a vulnerability affecting the Windows kernel. The Windows kernel is the core of the operating system. It provides system-level services such as device management and memory management, allocates processor time to processes, and manages error handling. To exploit this vulnerability, an attacker would entice a user to open a malicious file via network share or website-hosted. If successfully exploited, this vulnerability would allow an attacker to cause the affected system to restart. At this time, there are no known exploits associated with this vulnerability; USCYBERCOM is not aware of any DoD related incidents. Windows Kernel Metadata Parsing DOS Vulnerability - (CVE-2011-1971): A denial of service vulnerability exists in Windows due to the way the kernel parses file meta-data when browsing to a folder. An attacker who successfully exploited this vulnerability could cause the affected system to crash.

Check Content

See IAVM notice and vendor bulletin for additional information. Microsoft Bulletin MS11-068 (2556532). Vulnerable Applications/Systems: Windows Vista SP2 (x86 and x64) Windows Server 2008 SP2 (x86*, x64*** and Itanium) Windows 7 and Windows 7 SP1 (x86 and x64) Windows Server 2008 R2 and Windows Server 2008 R2 SP1 (x64* and Itanium) *Server Core installation not affected. Verify that the patch has been installed by checking that the following sample file is at the version indicated or later. See the vendor bulletin for additional information and any Vulnerable Systems/Applications not listed below. Ntoskrnl.exe Windows Vista SP2 - 6.0.6002.18484 or 22662 Windows 2008 SP2 - 6.0.6002.18484 or 22662 Windows 7 / 2008 R2 – 6.1.7600.16841 or 20994 Windows 7 / 2008 R2 SP1 - 6.1.7601.17640 or 21755

Fix Text

Additional Identifiers

Rule ID:

Vulnerability ID: V-29745

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
No CCIs are assigned to this check

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
No controls are assigned to this check