Microsoft DebugView Kernel Module Dbgv.SYS Local Privilege Escalation Vulnerability

Microsoft DebugView Kernel Module Dbgv.SYS Local Privilege Escalation Vulnerability

Microsoft DebugView is prone to a local privilege-escalation vulnerability because it allows user-supplied data to be copied into memory addresses reserved for the kernel.

An attacker could exploit this issue to execute arbitrary machine code with SYSTEM-level privileges. A successful exploit could result in the complete compromise of the affected computer. Failed attempts could cause denial-of-service conditions.

Microsoft DebugView 4.64 is vulnerable; other versions may also be affected.