BSOD in Win'2k3, Vista x86 and x64 by nonpriviledged user

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: BSOD in Win'2k3, Vista x86 and x64 by nonpriviledged user
From: support@xxxxxxxxxxxx
Date: Sat, 8 Nov 2008 18:54:06 -0700
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

BSOD or hard system hang due to race condition in win32k. sys code that 
processes UnhookWindowsHookEx. Reproduced when thread calls many times 
UnhookWindowsHookEx in the same time with switching active windows desktop 
object (SwitchDesktop) from desktop where hooks are unhooked and broadcasting 
windows messages to windows on that desktop. Sample exploit code can be 
downloaded from: http://killprog.com/whk.zip Works on Win'2k3 and Vista. XP 
seems to be immune to this.

Prev by Date: [AK-ADV2008-001] Openfire Jabber-Server: Multiple Vulnerabilities (Authentication Bypass, SQL injection, ...)
Next by Date: Multiple remote vulnerabilities MoinMoin v1.80
Previous by thread: [AK-ADV2008-001] Openfire Jabber-Server: Multiple Vulnerabilities (Authentication Bypass, SQL injection, ...)
Next by thread: Multiple remote vulnerabilities MoinMoin v1.80
Index(es):
- Date
- Thread