Microsoft shocked : Local Privilege Escalation in Windows Kernel.

Do you remember Google vs China? Remember bugs that have allowed Chinese hackers to enter into Gmail accounts and access to confidential information?

Microsoft has confirmed a privilege-escalation vulnerability in the Windows kernel, one day after a Google engineer posted details of the flaw to the Full Disclosure mailing list.

Systems Affected :
All supported versions of 32-bit Windows, while 64-bit versions, which includes Windows Servers 2008 R2, are not impacted.

Details :
Vulnerability is difficult to exploit, the risk for users is low, and the software giant is not aware of any public attacks exploiting the flaw.
To exploit this vulnerability, an attacker must already have a local access to the system, then elevate their privileges to the administrative level and run programs of their choice on the system.

Advisory + sploit : (external link)
KiTrap0D

Internet Explorer – Remote Code Execution Vulnerability
Microsoft is issuing on January 21 an out-of-band fix for the Internet Explorer security breach that affected Google and other companies in China.