Vulnerability Note VU#119262

Microsoft Windows kernel fails to reset values in CPU data structures

Original Release date: 13 Oct 2004 | Last revised: 15 Oct 2004


A vulnerability in the Microsoft Windows kernel could allow an attacker to cause a denial-of-service condition.


The Microsoft Windows kernel is responsible for handling processor resources and system services such as device and memory management. There is a vulnerability in the way the Windows kernel resets values in CPU data structures. Exploitation of this vulnerability could cause the system to stop responding.


A local, authenticated attacker could cause a denial-of-service condition.


Apply Patch

Microsoft has provided a patch to address this vulnerability. For a list of affected versions and details on obtaining the patch, please refer to Microsoft Security Bulletin MS04-032.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Microsoft CorporationAffected-13 Oct 2004
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A



This vulnerability was reported by Microsoft. Microsoft credits hlt for discovering the vulnerability.

This document was written by Damon Morda and is based on information provided by Microsoft.

Other Information

  • CVE IDs: CAN-2004-0211
  • Date Public: 12 Oct 2004
  • Date First Published: 13 Oct 2004
  • Date Last Updated: 15 Oct 2004
  • Severity Metric: 2.36
  • Document Revision: 12


If you have feedback, comments, or additional information about this vulnerability, please send us email.