Vigil@nce - Windows: privilege elevation via AFD
July 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can create an error in Ancillary Function Driver
in order to execute code with system privileges.
Impacted products: Windows 2003, Windows 2008, Microsoft Windows
2012, Windows 7, Windows 8, Windows RT, Windows Vista
Severity: 2/4
Creation date: 08/07/2014
DESCRIPTION OF THE VULNERABILITY
The afd.sys (Ancillary Function Driver) driver is used to access
to Winsock network features. The TDI (Transport Driver Interface)
interface is used to communicate with AFD.
However, TDI does not correctly check User Mode parameters given
to the kernel. Technical details are unknown.
A local attacker can therefore create an error in Ancillary
Function Driver in order to execute code with system privileges.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Windows-privilege-elevation-via-AFD-15009