Windows Kernel Bugs Let Local Users Gain Elevated Privileges
|
|
SecurityTracker Alert ID: 1021046
|
|
SecurityTracker URL: http://securitytracker.com/id?1021046
|
|
CVE Reference: CVE-2008-2250
, CVE-2008-2251
, CVE-2008-2252
(Links to External Site)
|
Date: Oct 14 2008
|
Impact: Root access via local system
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Advisory: Microsoft Security Bulletin
|
Version(s): 2000 SP4, 2003 SP2, XP SP3, Vista SP1, 2008; and prior service packs
|
Description: A vulnerability was reported in Windows Kernel. A local user can obtain elevated privileges on the target system.
A local user can execute arbitrary commands on the target system with elevated privileges.
The kernel does not properly processes
input passed from a parent window to a child window when a new window is created [CVE-2008-2250]. Arbitrary code can be executed
in the context of the kernel.
The kernel does not properly process certain system calls from multiple threads [CVE-2008-2251].
A double-free may occur, allowing arbitrary code to be executed.
A local user can trigger a memory corruption error to execute
arbitrary code [CVE-2008-2252].
Paul Caton of iShadow and Thomas Garnier of SkyRecon reported some of these vulnerabilities.
|
Impact: A local user can obtain kernel level privileges on the target system.
|
Solution: The vendor has issued the following fixes:
Microsoft Windows 2000 Service Pack 4:
http://www.microsoft.com/downloads/details.aspx?familyid=3a6165a6-d7e7-4526-9291-29
0caf0639b4
Windows XP Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=7718bf14-c26c-43f3-be67-4c79ab5b2607
Windows
XP Service Pack 3:
http://www.microsoft.com/downloads/details.aspx?familyid=7718bf14-c26c-43f3-be67-4c79ab5b2607
Windows XP
Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=b06d3a02-b6e4-4d40-913a-3759a
31f20f3
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=6e696762-d652-4a8f-ab8f-
622f9746c320
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=57ca28ea-e
5e1-4191-a3d6-84aa90a3d668
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based
Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=1e6c3f81-85bb-48e6-a5af-635a7e540c93
Windows Vista and Windows
Vista Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=3483b400-cedc-441f-ba8e-594e3df89190
Windows
Vista x64 Edition and Windows Vista x64 Edition Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=905ab030-14a5-4a3d-aa11-e8f957f6a1ea
Window
s Server 2008 for 32-bit Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=8b97114a-71aa-47a2-b9e7-f4e158c18c80
Windows
Server 2008 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=6e641db2-90c8-458f-9795-3e46b70a5203
Windows
Server 2008 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=b6546e1c-bf7b-4354-8574-6c16fa707de0
A
restart is required.
The Microsoft advisory is available at:
http://www.microsoft.com/technet/security/bulletin/ms08-061.mspx
|
Vendor URL: www.microsoft.com/technet/security/bulletin/ms08-061.mspx (Links to External Site)
|
Cause: Access control error
|
Underlying OS: Windows (2000), Windows (2003), Windows (2008), Windows (Vista), Windows (XP)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 14 Oct 2008 14:58:52 -0400
Subject: http://www.microsoft.com/technet/security/bulletin/ms08-061.mspx
|
Microsoft Security Bulletin MS08-061 – Important: Vulnerabilities in Windows Kernel Could Allow Eleva
tion of Privilege (954211)
CVE-2008-2250
CVE-2008-2251
CVE-2008-2252
|
|
