Monday, January 25, 2010

Unpatched Microsoft Windows "KiTrap0D" Privilege Escalation in Metasploit

HD Moore posted the following on his twitter (@hdmoore) update in the last several hours...
Easy privilege escalation in Metasploit using Tavis Ormandy's KiTrap0d code (with minor tweaks): (svn update)

Original advisory -

If the use of 16-bit program is not required, you can disable the VDM by a simple registry configuration change. This mitigation is outlined in an H-Online article from last week.


On Jan 20th, Microsoft released a Security Advisory (979682) outlining the issue....

No comments:

Post a Comment