Skip navigation
Menu
End-User Platforms>Windows 7/8

Arbitrary Code Execution in Microsoft Windows

Reported October 12, 2004, by Microsoft

VERSIONS AFFECTED

  • Windows Server 2003
  • Windows XP Service Pack 1 (SP1) and earlier
  • Windows 2000
  • Windows NT Server 4.0
  • Windows 98 and Windows 98 Second Edition (Win98SE)

DESCRIPTION
Four new vulnerabilities have been discovered in various versions of Windows that result in the arbitrary execution of code on the vulnerable system. These vulnerabilities consist of

  • Window Management vulnerability
  • Virtual DOS Machine (VDM) vulnerability
  • Graphics Rendering Engine vulnerability
  • Windows kernel vulnerability

VENDOR RESPONSE
Microsoft has released bulletin MS04-032, "Security Update for Microsoft Windows (840987)," to address these vulnerabilities and recommends that affected users apply the appropriate patch listed in the bulletin.

CREDIT
Discovered by Brett Moore, eEye Digital Security, Patrick Porlan, and hlt.

TAGS: Security
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
PowerShell screenshot shows Where-Object cmdlet
How to Use the PowerShell Where-Object Cmdlet
Aug 04, 2022
shield_icon_laptop.jpg
What To Do When Windows Defender Is Not Working
Mar 15, 2022
Computer Screen Showing Password Dialog Box
Microsoft Edge Downloads Updated for Azure AD Sign-In & Sync
Aug 22, 2019
mktg-wp-nolabel5
How to Approach the Windows 7 to 10 Migration
Aug 01, 2019