Microsoft Windows contains a flaw that may allow a local authenticated denial of service. The issue is triggered when the kernel fails to properly validate access control lists in the 'SeObjectCreateSaclAccessBits()' function on kernel objects, and will result in loss of availability for the platform.

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.

• CVE ID: 2010-1890 (see also: NVD)
• Secunia Advisory ID: 40871
• Related OSVDB ID: 66988 66989
• Microsoft Knowledge Base Article: 981852
• Microsoft Security Bulletin: MS10-047

• Tavis Ormandy - Google Security Team