Windows Vista Kernel ALPC Validation Flaw Lets Local Users Gain Elevated Privileges
|
|
SecurityTracker Alert ID: 1019075 |
|
SecurityTracker URL: http://securitytracker.com/id/1019075
|
|
CVE Reference:
CVE-2007-5350
(Links to External Site)
|
Date: Dec 11 2007
|
Impact:
Root access via local system, User access via local system
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): Vista
|
Description:
A vulnerability was reported in the Windows Vista kernel. A local user can obtain elevated privileges on the target system.
The kernel's Windows Advanced Local Procedure Call (ALPC) does not properly validate certain conditions in legacy reply paths. A local user can exploit this to gain elevated privileges on the target system.
Thomas Garnier of SkyRecon reported this vulnerability.
|
Impact:
A local user can obtain elevated privileges on the target system.
|
Solution:
The vendor has issued the following fixes:
Vista:
http://www.microsoft.com/downloads/details.aspx?familyid=9787619f-1297-411e-8b9c-3ad3e6a99797
Vista x64:
http://www.microsoft.com/downloads/details.aspx?FamilyID=5f382050-8df6-43aa-82e9-8fad5ff8ecec
A restart is required.
The Microsoft advisory is available at:
http://www.microsoft.com/technet/security/bulletin/ms07-066.mspx
|
Vendor URL: www.microsoft.com/technet/security/bulletin/ms07-066.mspx (Links to External Site)
|
Cause:
Input validation error
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 11 Dec 2007 13:51:10 -0500
Subject: Microsoft Security Bulletin MS07-066 Important: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (943078)
|
http://www.microsoft.com/technet/security/bulletin/ms07-066.mspx
CVE-2007-5350
|
|
