CVE-2011-2005 - Microsoft Ancillary Function Driver (afd.sys) Improper Input Validation Vulnerability
Project:Microsoft
Product:Ancillary Function Driver (afd.sys)
Date Added:2022-03-28Due Date:2022-04-18
Vulnerability Name
Microsoft Ancillary Function Driver (afd.sys) Improper Input Validation Vulnerability
Description
afd.sys in the Ancillary Function Driver in Microsoft Windows does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2011-2005