SecurityTracker.com
Category:   OS (Microsoft)  >   Windows DLL (Any)
Vendors:   Microsoft
Microsoft Windows AutoRun Bug May Let Users Execute Arbitrary Code
SecurityTracker Alert ID:  1020446
SecurityTracker URL:  http://securitytracker.com/id/1020446
CVE Reference:   CVE-2008-0951
Updated:  Feb 22 2011
Original Entry Date:  Jul 9 2008
Impact:   Execution of arbitrary code via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Exploit Included:  Yes
Version(s): Vista, Vista SP1, 2008, XP, 2003
Description:   A vulnerability was reported in Microsoft Windows AutoRun. A remote user may be able to cause arbitrary code to be executed on the target user's system.

The operating system does not properly enforce the NoDriveTypeAutoRun registry value. A remote user can create a CD-ROM or USB device containing an 'Autorun.inf' file that, when loaded by the target user, will execute arbitrary code on the target user's system.

Will Dormann of the CERT/CC reported this vulnerability.

Impact:   A remote user may be able to cause arbitrary code to be executed on the target user's system.
Solution:   The vendor has issued the following fixes:

Windows Vista and Windows Vista Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=06739ca6-7368-4acb-bb67-7e8146071a29

Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=74ea0893-7c2f-4fad-ad27-588ad953b046

Windows Server 2008 for 32-bit Systems*:

http://www.microsoft.com/downloads/details.aspx?familyid=189a4170-b495-4904-9cbd-209e7494d303

Windows Server 2008 for x64-based Systems*:

http://www.microsoft.com/downloads/details.aspx?familyid=85d8701d-f8c7-4079-8a21-a3a9d5ba71ce

Windows Server 2008 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=b30ee4f0-850f-4ff3-86a4-663603a0a802

* = Core installation is affected.

A restart is required.

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms08-038.mspx

On February 24, 2009, the vendor issued a "non-security update" advisory to correct how the NoDriveTypeAutoRun registry setting functions. The advisory is available at:

http://www.microsoft.com/technet/security/advisory/967940.mspx

On August 25, 2009, the vendor issued an update that changes the AutoRun functionality in Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The update prevents AutoPlay from working with USB media:

http://support.microsoft.com/kb/971029

On February 8, 2011, the vendor reported that the KB 971029 update will be offered via Automatic Update.

On February 22, 2011, the vendor reported that the deployment logic has changed to minimize the user interaction required to install the updates on systems configured for automatic updating.
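Once the fix is installed and NoDriveTypeAutoRun is enforced, the value itself still has to cover the media types named above. The following added example (not part of the advisory or of any vendor tooling) decodes the value from `reg query` output and reports which drive types keep AutoRun; the registry key path and bit meanings come from Microsoft's documentation of the setting, and the sample outputs are constructed.

```python
import re

# Bit flags of the NoDriveTypeAutoRun DWORD; a set bit disables AutoRun
# for that drive type.
DRIVE_TYPE_BITS = {
    0x01: "unknown",
    0x02: "no root directory",
    0x04: "removable (USB, floppy)",
    0x08: "fixed",
    0x10: "network",
    0x20: "CD-ROM",
    0x40: "RAM disk",
    0x80: "reserved/unknown",
}
# The advisory names CD-ROM and USB media, so both bits must be set.
MEDIA_OF_CONCERN = 0x04 | 0x20

VALUE_RE = re.compile(
    r"^\s*NoDriveTypeAutoRun\s+REG_DWORD\s+(0x[0-9a-fA-F]+)\s*$", re.MULTILINE)

def parse_reg_query(output):
    """Return the DWORD from `reg query` output, or None if the value is absent."""
    m = VALUE_RE.search(output)
    return int(m.group(1), 16) if m else None

def autorun_enabled_types(value):
    """Drive types whose AutoRun is NOT disabled by this value."""
    return [name for bit, name in DRIVE_TYPE_BITS.items() if not value & bit]

def audit(output):
    """Classify one host's setting as 'missing', 'exposed' or 'restricted'."""
    value = parse_reg_query(output)
    if value is None:
        return "missing", []  # policy value not set at the queried key
    exposed = (value & MEDIA_OF_CONCERN) != MEDIA_OF_CONCERN
    return ("exposed" if exposed else "restricted"), autorun_enabled_types(value)

# Constructed sample outputs (not taken from the advisory).
SAMPLE_PARTIAL = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer
    NoDriveTypeAutoRun    REG_DWORD    0x91
"""
SAMPLE_ALL_OFF = SAMPLE_PARTIAL.replace("0x91", "0xff")
SAMPLE_MISSING = "ERROR: The system was unable to find the specified registry key or value.\n"

if __name__ == "__main__":
    for sample in (SAMPLE_PARTIAL, SAMPLE_ALL_OFF, SAMPLE_MISSING):
        print(audit(sample))
```

A "restricted" result only describes the configured value; on a system without the fixes listed above, the value is not reliably honored.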

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms08-038.mspx
Cause:   Access control error

Message History:   None.



Copyright 2018, SecurityGlobal.net LLC