Windows Kernel Bugs Let Local Users Gain Elevated Privileges
|
|
SecurityTracker Alert ID: 1021046 |
|
SecurityTracker URL: http://securitytracker.com/id/1021046
|
|
CVE Reference:
CVE-2008-2250, CVE-2008-2251, CVE-2008-2252
(Links to External Site)
|
Date: Oct 14 2008
|
Impact:
Root access via local system
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 2000 SP4, 2003 SP2, XP SP3, Vista SP1, 2008; and prior service packs
|
Description:
A vulnerability was reported in Windows Kernel. A local user can obtain elevated privileges on the target system.
A local user can execute arbitrary commands on the target system with elevated privileges.
The kernel does not properly processes input passed from a parent window to a child window when a new window is created [CVE-2008-2250]. Arbitrary code can be executed in the context of the kernel.
The kernel does not properly process certain system calls from multiple threads [CVE-2008-2251]. A double-free may occur, allowing arbitrary code to be executed.
A local user can trigger a memory corruption error to execute arbitrary code [CVE-2008-2252].
Paul Caton of iShadow and Thomas Garnier of SkyRecon reported some of these vulnerabilities.
|
Impact:
A local user can obtain kernel level privileges on the target system.
|
Solution:
The vendor has issued the following fixes:
Microsoft Windows 2000 Service Pack 4:
http://www.microsoft.com/downloads/details.aspx?familyid=3a6165a6-d7e7-4526-9291-290caf0639b4
Windows XP Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=7718bf14-c26c-43f3-be67-4c79ab5b2607
Windows XP Service Pack 3:
http://www.microsoft.com/downloads/details.aspx?familyid=7718bf14-c26c-43f3-be67-4c79ab5b2607
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=b06d3a02-b6e4-4d40-913a-3759a31f20f3
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=6e696762-d652-4a8f-ab8f-622f9746c320
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=57ca28ea-e5e1-4191-a3d6-84aa90a3d668
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=1e6c3f81-85bb-48e6-a5af-635a7e540c93
Windows Vista and Windows Vista Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=3483b400-cedc-441f-ba8e-594e3df89190
Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?familyid=905ab030-14a5-4a3d-aa11-e8f957f6a1ea
Windows Server 2008 for 32-bit Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=8b97114a-71aa-47a2-b9e7-f4e158c18c80
Windows Server 2008 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=6e641db2-90c8-458f-9795-3e46b70a5203
Windows Server 2008 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=b6546e1c-bf7b-4354-8574-6c16fa707de0
A restart is required.
The Microsoft advisory is available at:
http://www.microsoft.com/technet/security/bulletin/ms08-061.mspx
|
Vendor URL: www.microsoft.com/technet/security/bulletin/ms08-061.mspx (Links to External Site)
|
Cause:
Access control error
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 14 Oct 2008 14:58:52 -0400
Subject: http://www.microsoft.com/technet/security/bulletin/ms08-061.mspx
|
Microsoft Security Bulletin MS08-061 – Important: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211)
CVE-2008-2250
CVE-2008-2251
CVE-2008-2252
|
|
