0 Members and 1 Guest are viewing this topic.
"Kerio Personal Firewall includes an program execution protection feature, which allows users to restrict execution of programs on the system. However, it is possible for a malicious program to bypass this feature by restoring the running kernel's SDT (Service Descriptor Table) ServiceTable by writing directly to the "\Device\PhysicalMemory" section object.Successful exploitation bypasses the protection and allows a malicious program to execute without prompting the user.The vulnerability has been reported in version 4.0.16. Other versions may also be affected.