SkyRecon Systems research team has recently uncovered the kernel-level vulnerability CVE-2009-0082. This Windows kernel vulnerability, if exploited, could allow for a local elevation of privilege, and ultimately, compromise of both the system and its data.

The Microsoft Windows kernel is the core of the operating system. The kernel-level vulnerability affects all Microsoft Windows 2000 and newer versions of the operating system. Successful exploitation of the vulnerability could lead to the execution of arbitrary code in kernel mode, and allow for complete control to be taken of the affected system. An attacker could then install programs; view, change or delete critical data; and even create new accounts with administrative user rights.

“In addition to building leading-edge unified client security solutions to secure the Windows operating environment, our research and development team strive to provide Microsoft with information we uncover in order to strengthen the security of their operating systems and related applications,” said Yann Torrent, R&D Director at SkyRecon Systems Inc. “During our ongoing security research of the Windows kernel environment, we found that the kernel didn’t validate these handles properly, exposing this vulnerability that could be used to gain elevated privileges, allowing for unapproved access and control over the endpoint.”

More information regarding the vulnerabilities and the Microsoft Security Bulletin can be found at:
-- Microsoft Security Bulletin MS09-006 – Critical Vulnerability
   Accredited to Thomas Garnier, SkyRecon Systems

SkyRecon’s partnership with Microsoft and its ongoing and recent vulnerability research, enable the innovative endpoint security vendor to be proactive in responding to the customer need for an endpoint security solution that proactively protects the system and data from compromise while not eating up their precious hardware and IT staff resources.

StormShield Security Suite delivers proactive protection for the system and the data through its unique multi-layered, light-weight, single-agent endpoint protection platform, providing risk-based control and dynamic policy enforcement for: anti-virus/anti-spyware, device control, full-disk and file-based encryption, host-based intrusion prevention (HIPS), system firewall, application control, wireless security, and network access control (NAC).