SecurityTracker.com

Category:   OS (Microsoft)  >   Windows DLL (Any)
Vendors:   Microsoft
Windows Consent User Interface Lets Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1024882
SecurityTracker URL:  http://securitytracker.com/id/1024882
CVE Reference:   CVE-2010-3961
Date:  Dec 14 2010
Impact:   Root access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Vista SP2, 2008 SP2, 7, 2008 R2; and prior service packs
Description:   A vulnerability was reported in the Windows Consent User Interface. A local user can obtain elevated privileges on the target system.

A local user can set a specially crafted registry key value that, when processed by the Consent User Interface, will execute arbitrary code on the target system with LocalSystem privileges.

Cesar Cerrudo of Argeniss reported this vulnerability.

Impact:   A local user can obtain LocalSystem privileges on the target system.
Solution:   The vendor has issued the following fixes:

Windows Vista Service Pack 1 and Windows Vista Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=85265A23-5094-4007-8D33-F402CABD1664

Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=63C7257A-16BF-4108-80B9-9DFE53528348

Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=14E079A8-01A4-47C9-BD47-F5C9A6CA070A

Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=6BAF92B7-A336-45F2-A1BA-C00C34DFB76F

Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=7A4B23D4-F68E-4D5B-8814-D9247145F164

Windows 7 for 32-bit Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=F7C7D57A-D031-46A3-9613-EAE2B9CB6401

Windows 7 for x64-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=E52C36F5-637B-4928-83D0-27514C6CC384

Windows Server 2008 R2 for x64-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=B823A7AA-0EB9-42DD-BF56-8907D94B314A

Windows Server 2008 R2 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=66B2506D-80E0-4E32-86E6-0908EF56AE90

A restart is not required.

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms10-100.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms10-100.mspx
Cause:   Input validation error

Message History:   None.



Copyright 2019, SecurityGlobal.net LLC