Microsoft Windows AFD Driver Local Privilege Escalation Exploit (MS08-066)

This module exploits a vulnerability in Windows Ancillary function driver when the 0x1203F IOCTL in afd.sys is invoked with a specially crafted parameter. The IOCTL 0x1203F handler in the afd.sys function driver allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters.
Exploit type: 
Vulnerabilty ID: 
Released Date: 
Thursday, October 16, 2008 - 19:00