Windows Client-Server Run-time Subsystem Lets Local Users Gain Elevated Privileges

SecurityTracker Alert ID: 1026417
SecurityTracker URL: http://securitytracker.com/id/1026417
CVE Reference: CVE-2011-3408
Date: Dec 13 2011
Impact: Root access via local system
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): XP SP3, 2003 SP2, Vista SP2, 2008 SP2, 7 SP1, 2008 R2 SP1; and prior service packs

Description:
A vulnerability was reported in Windows Client-Server Run-time Subsystem (CSRSS). A local user can obtain elevated privileges on the target system.
A local user can run a specially crafted application to send an interprocess device event message to a higher-integrity process and execute arbitrary commands on the target system with elevated privileges.
Alex Ionescu of Winsider Seminars & Solutions Inc. reported this vulnerability.
Impact:
A local user can obtain elevated privileges on the target system.
Solution:
The vendor has issued the following fixes:
Windows XP Service Pack 3:
http://www.microsoft.com/downloads/details.aspx?familyid=edb594a4-14d2-4ffe-8d1c-2c283689fe8c
Windows XP Professional x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=9e1273e2-7775-40b4-b939-ab530677cd4a
Windows Server 2003 Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=a14057e5-e2c2-4dde-8d26-542a9f162e98
Windows Server 2003 x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=7f595fd6-bdfd-4075-97e5-70efb7d49dff
Windows Server 2003 with SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=147ec6d3-3401-4aa3-a409-55346bcc7bd7
Windows Vista Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=fa6e6d91-4aca-49a6-a6e8-c33ec413097e
Windows Vista x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=c9794756-803d-48ba-86db-350fb577f01b
Windows Server 2008 for 32-bit Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=6f934885-b134-400c-a452-50fd4eeedd5e
Windows Server 2008 for x64-based Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=7ade3832-bc20-4fce-8eac-8a3d072d2f1c
Windows Server 2008 for Itanium-based Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=4bd7a02b-c6d8-4eb5-a46d-e494a1233dc8
Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=0666bdf5-9eed-44c9-84ee-b45f9b3e14b3
Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=620f94f9-1f61-45a0-a22e-e7510b56b9b8
Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=04878e9a-539a-4549-a5af-11d45add91da
Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=5b2ebec4-cebb-47b6-864a-12d59a9a3e18
A restart is required.
The Microsoft advisory is available at:
http://technet.microsoft.com/en-us/security/bulletin/ms11-097

Vendor URL: technet.microsoft.com/en-us/security/bulletin/ms11-097

Cause:
Access control error