Windows RPC Marshalling Engine Memory Error Lets Local Users Gain Elevated Privileges
|
|
SecurityTracker Alert ID: 1022357 |
|
SecurityTracker URL: http://securitytracker.com/id/1022357
|
|
CVE Reference:
CVE-2009-0568
(Links to External Site)
|
Date: Jun 9 2009
|
Impact:
Execution of arbitrary code via local system, User access via local system
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 2000 SP4, 2003 SP2, XP SP3, Vista SP2, 2008 SP2; and prior service packs
|
Description:
A vulnerability was reported in Windows RPC. A local user can obtain elevated privileges on the target system.
A local user can send a specially crafted message to trigger a state error in the Remote Procedure Call (RPC) Marshalling Engine and execute arbitrary code on the target system with elevated privileges.
|
Impact:
A local user can obtain elevated privileges on the target system.
|
Solution:
The vendor has issued the following fixes:
Microsoft Windows 2000 Service Pack 4:
http://www.microsoft.com/downloads/details.aspx?familyid=155a79c1-e5e4-4f62-b4b0-53aca59f20ac
Windows XP Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=f033fa78-c451-44f8-aa6c-a49622c37f40
Windows XP Service Pack 3:
http://www.microsoft.com/downloads/details.aspx?familyid=f033fa78-c451-44f8-aa6c-a49622c37f40
Windows XP Professional x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=20734b70-37f1-47dd-bc09-d56f93577a55
Windows Server 2003 Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=62bb9e22-4f4b-4ffc-ba76-f626e94c79d5
Windows Server 2003 x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=888b8dd8-d76c-42f5-a377-1f1750d3cf56
Windows Server 2003 with SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=3084f46e-02b9-4d99-a7a1-033817f9bd9f
Windows Vista:
http://www.microsoft.com/downloads/details.aspx?familyid=5ca227c0-f2dd-429c-a542-e08e93527214
Windows Vista Service Pack 1 and Windows Vista Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=5ca227c0-f2dd-429c-a542-e08e93527214
Windows Vista x64 Edition:
http://www.microsoft.com/downloads/details.aspx?familyid=188adafe-1feb-46ad-b237-a88d35104dcd
Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=188adafe-1feb-46ad-b237-a88d35104dcd
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=eaa26c6c-5bf7-4099-bb21-1e03de3a25ca
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=447aaa4f-946b-4f23-b151-dcf46ea9f80e
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?familyid=f33012b9-5d5b-4f72-8d49-a8e1c8bc1337
A restart is required.
The Microsoft advisory is available at:
http://www.microsoft.com/technet/security/bulletin/ms09-026.mspx
|
Vendor URL: www.microsoft.com/technet/security/bulletin/ms09-026.mspx (Links to External Site)
|
Cause:
Access control error
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 9 Jun 2009 14:27:55 -0400
Subject: http://www.microsoft.com/technet/security/bulletin/ms09-026.mspx
|
Microsoft Security Bulletin MS09-026 - Important: Vulnerability in RPC Could Allow Elevation of Privilege (970238)
CVE-2009-0568
|
|
