As if the big bundle of security vulnerabilities that are being addressed by this week’s Patch Tuesday release weren’t enough, now we have reports that an Israeli researcher has uncovered a heap overflow vulnerability in the Windows kernel that would allow attackers to exploit an API for retrieving data from the Windows clipboard. They could execute their code in kernel mode and infect machines with malware, and apparently the vulnerability exists in most current versions of Windows client and server operating systems.
The good news is that most kernel vulnerabilities require local access and logon and can’t be exploited remotely. Read more here:
http://www.computerworld.com/s/article/9180338/Microsoft_probes_new_Windows_kernel_bug?taxonomyId=85