Microsoft Windows Server 2008 CVE-2012-0151 Vulnerability in Microsoft Products
Published on April 10, 2012

The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute arbitrary code via a modified file with additional content, aka "WinVerifyTrust Signature Validation Vulnerability."

NVD

Known Exploited Vulnerability

This Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. The Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute code.

The following remediation steps are recommended / required by June 22, 2022: Apply updates per vendor instructions.

Vulnerability Analysis

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.


Products Associated with CVE-2012-0151


What versions are vulnerable to CVE-2012-0151?