(MS12-042) Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2711167)

  Severity: HIGH
  CVE Identifier: CVE-2012-0217,CVE-2012-1515
  Advisory Date: JUN 13, 2012

  DESCRIPTION

This update resolves a vulnerability in Windows that could allow elevation of privilege when exploited. This update corrects handling of system requests done by Windows User Mode Scheduler and managing BIOS ROM.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Windows XP Service Pack 3
  • Windows Server 2003 Service Pack 2
  • Windows 7 for x64-based Systems
  • Windows 7 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core Installation)
  • Windows Server 2008 R2 for x64-based Systems (Server Core Installation)