Security experts are warning about a newly discovered local privilege escalation bug in the Windows kernel. The bug affects most of the current versions of the operating system, including Vista and Windows 7. The flaw is a stack overflow in the NtGdiEnableEUDC API, which an attacker could use to escalate his privileges once he s on a system, the company said. There is no patch available for the bug yet, and there is publicly available exploit code for it. The vulnerability is considered a critical, even though it can t be exploited remotely.
Source: https://threatpost.com/exploit-code-out-new-windows-kernel-flaw-112910/74710/