Apply Kernel Protection on Windows® 7 and Windows®1 7 SP1 - Updated

Abstract: User mode and Kernel mode software may inadvertently or purposely access the NULL (0x00000000) memory page. This memory location has been leveraged in attacks to successfully exploit a system. Microsoft® developed and released the KB28131702 patch (MS13-031) for 64-bit and 32-bit versions of Windows® 7 and Windows® 7 SP1 to mitigate this exploitation vector. The NULL page protection is part of Windows® beginning with Windows® 8 and onwards. IAVA 2013-A-0080 (KB2813170) was superseded by IAVA 2015-A-0009 and IAVA 2015-A-0033. However, those IAVAs do not address the requisite post-configuration registry value stated in the IAA document. NOTE: This document supersedes IAA-U-OO-800824-17.

Date Published:

Last Reviewed: 25 April 2017

Dissemination Control: N/A

Length: 1 page(s)

Format: pdf

Type: Advisory/Alert; IA Technical Advisory

Tags: Advisory; Kernel; Windows; NULL; memory location; SP1; IAVA