Updated: CA has addressed this issue.

Hi
Today, I am going to bypass my own disclosure policy. The reason is that I've notified the vendor, in this case Computer Associates , but no response. I was thinking about that issue was not important for them, when suddenly I heard a voice in my head saying : "share the knowledge or die like a dog!"... I had no chance.
Btw, CA sirs: people use to reply, at least, with "thanks for your email" a.k.a "good manners".

This issue is some similar to the Kaspersky flaw.Summing up: unprivileged users executing arbitrary code with kernel privileges. I am wondering if driver signing,one of the new improvements of Vista, includes a security audit in the cost...If not so, rootkits will be with us forever and ever taking into account the current amount of flaws present in security products.

Download  Advisory "CA HIPS Drivers - Multiple Privilege Escalation Vulnerabilities"

Exploits(For educational purposes only - No modifications allowed)

Download Exploit #1 (Kmxfw.sys Driver)

Download Exploit #2 (Kmxstart.sys Driver)




+Movie of the Month: 12 Angry Men
 Year: 1957. Directed By: Sydney Lumet

+Song of the Month: "Jo Ta Ke"
 Band: Su Ta Gar Album: "Jo Ta Ke"

+Canvas of the Month: Bouquet de soleils
 Artist: Claude Monet

+Animation of the Month: Kiwi
 Artist: Dony