Abstract:User mode and Kernel mode software may inadvertently or purposely access the NULL (0x00000000) memory page. This memory location has been leveraged in attacks to successfully exploit a system. Microsoft® developed and released the KB28131702 patch (MS13-031) for 64-bit and 32-bit versions of Windows® 7 and Windows® 7 SP1 to mitigate this exploitation vector. The NULL page protection is part of Windows® beginning with Windows® 8 and onwards. IAVA 2013-A-0080 (KB2813170) was superseded by IAVA 2015-A-0009 and IAVA 2015-A-0033. However, those IAVAs do not address the requisite post-configuration registry value stated in the IAA document.
NOTE: This document supersedes IAA-U-OO-800824-17.