MS14-002 Windows NDProxy Privilege Escalation

NDPROXY is a system-provided driver that interfaces WAN miniport drivers, call managers, and miniport call managers to the Telephony Application Programming Interfaces (TAPI) services. The vulnerability is caused when the NDProxy.sys kernel component fails to properly validate input. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode (i.e. with SYSTEM privileges).

Leave a Reply