发布日期：2012-05-08
更新日期：2012-05-09

受影响系统：

Microsoft Windows Windows XP Service Pack 3 0
Microsoft Windows Windows XP Professional x64 Ed
Microsoft Windows Windows XP Professional x64 Ed
Microsoft Windows Windows XP 0
Microsoft Windows Windows Vista x64 Edition SP2
Microsoft Windows Windows Vista x64 Edition SP1
Microsoft Windows Windows Vista SP2
Microsoft Windows Windows Vista SP1
Microsoft Windows Windows Server 2008 Standard E
Microsoft Windows Windows Server 2008 R2 x64 SP1
Microsoft Windows Windows Server 2008 R2 x64 0
Microsoft Windows Windows Server 2008 R2 Itanium
Microsoft Windows Windows Server 2008 R2 Itanium
Microsoft Windows Windows Server 2008 for x64-ba
Microsoft Windows Windows Server 2008 for x64-ba
Microsoft Windows Windows Server 2008 for Itaniu
Microsoft Windows Windows Server 2008 for 32-bit
Microsoft Windows Windows Server 2008 for 32-bit
Microsoft Windows Windows Server 2003 x64 SP2
Microsoft Windows Windows Server 2003 SP2
Microsoft Windows Windows Server 2003 SP1
Microsoft Windows Windows Server 2003 Itanium SP
Microsoft Windows Windows 7 for x64-based System
Microsoft Windows Windows 7 for x64-based System
Microsoft Windows Windows 7 for 32-bit Systems S
Microsoft Windows Windows 7 for 32-bit Systems 0

描述：

---

BUGTRAQ  ID: 53326
CVE ID: CVE-2012-0181

Microsoft Windows是流行的计算机操作系统。

Windows内核模式驱动程序管理键盘布局文件的方式中存在一个特权提升漏洞。成功利用此漏洞的攻击者可以运行内核模式中的任意代码。攻击者随后可安装程序；查看、更改或删除数据；或者创建拥有完全管理权限的新帐户。

<*来源：Microsoft
  
  链接：http://secunia.com/advisories/49121/
        http://secunia.com/advisories/49122/
        http://secunia.com/advisories/49120/
        http://secunia.com/advisories/49119/
        http://www.microsoft.com/technet/security/bulletin/MS12-034.asp
*>

建议：

---

厂商补丁：

Microsoft
---------
Microsoft已经为此发布了一个安全公告（MS12-034）以及相应补丁:

MS12-034：Combined Security Update for Microsoft Office, Windows, .NET Framework, and  Silverlight (2681578)

链接：http://www.microsoft.com/technet/security/bulletin/MS12-034.asp

浏览次数：2343
严重程度：0（网友投票）