
0day vulnerability in modern OS from Microsoft

On November 24th, a 0day vulnerability was discovered that affects all of the most popular operating systems of the Windows family, namely Windows XP, Vista, 7, and also Windows Server 2008, in both their 32-bit and 64-bit editions. At the moment, even systems with all security updates installed are exposed. Technical details have already been published on a Chinese forum, which leads to the assumption that attackers will soon begin to exploit the vulnerability.

The exploit uses a bug in the win32k.sys file that is part of the Windows kernel, caused by the NtGdiEnableEUDC API call failing to validate user-supplied input. Attackers can use this bug to overwrite return addresses with the address of malicious code, which is subsequently executed in privileged (kernel) mode. As a result, the flaw allows users or processes, even those with limited privileges, to execute code with elevated permissions. Because of its nature, the exploit bypasses the protection provided by UAC (User Account Control), which is present in Windows Vista and Windows 7. Working from an account without administrator rights, accordingly, does not help either. It is worth noting that at the moment the exploit does not work correctly on all kernel versions, in some cases causing a BSOD, but it is likely that a potential attacker will have no difficulty modifying it to work on other versions.
Kaspersky Lab products detect the exploit as Exploit.Win32.EUDCPoC.a.

Microsoft representatives reported that they are aware of the problem and are investigating it. This vulnerability is already the second 0day bug in Microsoft products within the last month; a vulnerability in Internet Explorer was discovered earlier.


Source: https://habr.com/ru/post/108900/
