This module exploits a vulnerability on Microsoft Windows "CSRSS.EXE" process and causes a BSoD.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs

or have limited functionality and may not have complete or accurate documentation.

This module exploits a local race-condition vulnerability in PolicyKit, which allows local users to execute arbitrary code with root privileges.

This module causes a BSOD in Microsoft Windows when parsing a specially crafted OpenType font file.



This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

This module exploits a vulnerability on Microsoft Hyper-V sending a crafted packet from the "guest OS" to the "host OS" through the vmbus mechanism producing a non responsiveness effect in the all virtual machines running at the time.

This module exploits a kernel stack exhaustion in Microsoft Windows when parsing a specially crafted OpenType font file.

A double free vulnerability in the OpenType Font (OTF) driver in Windows could allow local users to escalate their privileges via a specially crafted OpenType font.

This module exploits a vulnerability on "i386_set_ldt" function of "mach_kernel" creating a "call gate" entry in the LDT.

The .NET Runtime Optimization Service, part of the .NET Framework, is prone to a privilege escalation vulnerability, which can be exploited by local unprivileged users to execute arbitrary code with SYSTEM privileges.

This module adds support to Microsoft Windows 2003, Microsoft Windows Vista and Microsoft Windows Seven as a "guest OS".



This module exploits a vulnerability on Microsoft Hyper-V sending a crafted packet from the "guest OS" to the "host OS" through the vmbus mechanism.

This module exploits a vulnerability in Anti keylogger elite when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x002224A4 handler in the AKEProtect.sys device driver in Anti Keylogger Elite allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges.



This update improves the checks to verify whether the vulnerable application is installed or not.