Microsoft Windows Sysret Instruction Privilege Escalation Exploit (MS12-042) Update

On Intel CPUs, sysret to non-canonical addresses causes a fault on the sysret instruction itself after the stack pointer is set to guest value but before the current privilege level (CPL) is changed. Windows is vulnerable due to the way the Windows User Mode Scheduler handles system requests. This module exploits the vulnerability and installs an agent with system privileges. This update fixes an issue in the documentation.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2012-0217
Product Version: 
12.5
Released Date: 
Monday, October 22, 2012 - 00:00