Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (reboot) via a crafted TrueType font, aka "Denial of Service in Windows Kernel Mode Driver Vulnerability."
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
NONE
Integrity
NONE
Availability
COMPLETE
Microsoft Windows RT 8.1
Microsoft Windows server 2003 - Sp2 (not an official CPE)
Microsoft Windows Server 2008 Service Pack 2
Microsoft Windows server 2008 R2 Sp1 ~~~~itanium~ (not an official CPE)
Microsoft Windows server 2008 R2 Sp1 ~~~~x64~ (not an official CPE)
Microsoft Windows Vista Service Pack 2
Microsoft Windows Server 2012
Microsoft Windows server 2012 R2 (not an official CPE)
Microsoft Windows RT
Microsoft Windows 8.1 - (not an official CPE)
Microsoft Windows 8 - (not an official CPE)
Microsoft Windows 7 - Sp1 (not an official CPE)
| Advisory | Patch | Confirmed | Link |
|---|---|---|---|
| MS14-079 | |||
| 70949 | |||
| http://blogs.technet.com/b/srd/archive/2014/11/11/assess... |