Security Advisory
Microsoft Security Advisory 932596
Update to Improve Kernel Patch Protection
Published: August 14, 2007 | Updated: April 23, 2008
An update is available for Kernel Patch Protection included with x64-based Windows operating systems. Kernel Patch Protection protects code and critical structures in the Windows kernel from modification by unknown code or data. This update adds additional checks to this protection for increased reliability, performance, and resiliency of Windows. For more information about this release, see Microsoft Knowledge Base Article 932596. We encourage customers running x64-based Windows operating systems to install this update. For more information about Kernel Patch Protection, see the following Microsoft Web Site. For more information about the updates included in this release, see Microsoft Knowledge Base Article 932596.
General Information
Overview
Purpose of Advisory: To announce the availability of and to clarify the purpose of an update for Kernel Patch Protection included with x64-based Windows operating systems.
Advisory Status: Microsoft Knowledge Base Article and associated update were released.
Recommendation: Review the referenced Knowledge Base Article and apply the appropriate update.
| References | Identification |
|---|---|
| Microsoft Knowledge Base Article | 932596 |
This advisory discusses the following software.
| Related Software |
|---|
| Microsoft Windows XP Professional x64 Edition |
| Microsoft Windows XP Professional x64 Edition Service Pack 2 |
| Microsoft Windows Server 2003 x64 Edition |
| Microsoft Windows Server 2003 x64 Edition Service Pack 2 |
| Microsoft Windows Vista x64 Edition |
Frequently Asked Questions
What is the scope of the advisory?
To announce the availability of and to clarify the purpose of an update for Kernel Patch Protection included with x64-based Windows operating systems.
What is Kernel Patch Protection?
Kernel Patch Protection is a technology included with x64-based Windows operating systems that helps protect code and critical structures in the Windows kernel from being modified by unknown software or data, known as “kernel patching”. Kernel Patch Protection was implemented in these versions of Windows to help protect the integrity of the Windows kernel and, as a result, improve the overall reliability, performance, and resiliency of Windows. For more information about Kernel Patch Protection see the following Microsoft Web Site.
Why is Microsoft releasing this update?
Microsoft is releasing this update to provide additional resiliency to the Kernel Patch Protection system.
Does this update have anything to do with the last Kernel update in Microsoft Knowledge Base Article 914784?
Microsoft plans to periodically update Kernel Patch Protection. This update, in Microsoft Knowledge Base Article 932596, supersedes any prior updates to Kernel Patch Protection. This means that you do not have to install any prior updates in order to install this update.
Are there any known issues with installing the Kernel update in Microsoft Knowledge Base Article 932596?
Microsoft Knowledge Base Article 932596 documents the currently known issues that customers may experience when installing the update.
Is this a security vulnerability that requires Microsoft to issue a security update?
No. While this update adds additional checks to the Kernel Patch Protection system, it does not involve a security vulnerability. Known methods that allow the kernel to be patched on systems where Kernel Patch Protection is enabled require a system to already be compromised by an attacker.
How will Microsoft list this update on the Windows Update Web site?
The update for Kernel Patch Protection is a high-priority update on the Windows Update Web site. On the Windows Update site it will be listed in the “High Priority” Updates category for customers that haven’t received the update already and are running the software listed above.
Should I install this update even if I have kept my x64-based Windows operating systems up to date?
Yes. While this update does not address any critical security vulnerabilities, the update does increase the reliability, performance, and resiliency provided by Kernel Patch Protection, as discussed on the following Microsoft Web Site.
Will this update be distributed over Automatic Updates?
Yes, this update is distributed over Automatic Updates to the software listed above.
Suggested Actions
Review the Microsoft Knowledge Base Article that is associated with this advisory
We encourage customers running x64-based Windows operating systems to install this update. Customers who are interested in learning more about Kernel Patch Protection should review the following Microsoft Web Site.
Other Information
Resources:
- You can provide feedback by completing the form by visiting the following Web site.
- Customers in the United States and Canada can receive technical support from Microsoft Product Support Services. For more information about available support options, see the Microsoft Help and Support Web site.
- International customers can receive support from their local Microsoft subsidiaries. For more information about how to contact Microsoft for international support issues, visit the International Support Web site.
- The Microsoft TechNet Security Web site provides additional information about security in Microsoft products.
Disclaimer:
The information provided in this advisory is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Revisions:
- August 14, 2007: Advisory published
- April 23, 2008: Added an FAQ entry about known issues in installing the kernel update
Built at 2014-04-18T13:49:36Z-07:00