SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (Microsoft)  >   Windows Kernel Vendors:   Microsoft
Windows Kernel Buffer Overflows and Memory Corruption Errors Let Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1024880
SecurityTracker URL:  http://securitytracker.com/id/1024880
CVE Reference:   CVE-2010-3939, CVE-2010-3940, CVE-2010-3941, CVE-2010-3942, CVE-2010-3943, CVE-2010-3944   (Links to External Site)
Date:  Dec 14 2010
Impact:   Root access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): XP SP3, 2003 SP2, Vista SP2, 2008 SP2, 7, 2008 R2; and prior service packs
Description:   Several vulnerabilities were reported in the Windows Kernel. A local user can obtain elevated privileges on the target system.

A local user can run a specially crafted application to trigger a double free, buffer overflow, or memory corruption error in the 'Win32k.sys' kernel to execute arbitrary commands on the target system with kernel level privileges.

Tarjei Mandt of Norman and Stefan Le Berre of Sysdream reported these vulnerabilities.

Impact:   A local user can obtain kernel level privileges on the target system.
Solution:   The vendor has issued the following fixes:

Windows XP Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=BB9D1657-5BEB-4372-B74C-A612A6FFF5A8

Windows XP Professional x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=1F277AE4-4F85-4C8A-BFC5-DCDC8AFED133

Windows Server 2003 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=4AA39F59-2177-459F-9B8A-9543330D48EC

Windows Server 2003 x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=BCA61D61-D5CF-49A4-AB99-B61E50E8F619

Windows Server 2003 with SP2 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=4FCE129D-2B4E-4A66-AF27-BBBDE1E65BA1

Windows Vista Service Pack 1 and Windows Vista Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=B824D3B9-2CE1-4ABC-AE06-68AEF1250BE9

Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=F4C42CFE-B7F2-4436-919E-4BD305A3439A

Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=6E2F572A-4169-47F2-A872-5466997122ED

Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=09A4B646-989D-43EF-A3E8-64AF8B380A14

Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=46522323-837E-4A74-9CF0-45F69343E776

Windows 7 for 32-bit Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=AA7DE2E4-BA48-4D58-B034-05349F0EB920

Windows 7 for x64-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=B21DB627-91C2-4EBF-B7C0-38AC58AE5B6C

Windows Server 2008 R2 for x64-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=D417EBCE-7841-4BBB-8ABC-B15EF5F4B733

Windows Server 2008 R2 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=7EEAC1BB-9F86-4EA5-B30F-980D52BE5044

A restart is required.

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms10-098.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms10-098.mspx (Links to External Site)
Cause:   Access control error, Boundary error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC