SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   OS (Microsoft)  >   Windows Kernel Vendors:   Microsoft
Windows Authenticode Signature Verification Flaws Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1023846
SecurityTracker URL:  http://securitytracker.com/id/1023846
CVE Reference:   CVE-2010-0486, CVE-2010-0487   (Links to External Site)
Date:  Apr 13 2010
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2000 SP4, 2003 SP2, XP SP3, Vista SP2, 2008 SP2, 2008 R2, 7; and prior service packs
Description:   Two vulnerabilities were reported in the Windows Kernel. A remote user can cause arbitrary code to be executed on the target user's system.

A remote user can modify the unverified portions of the signature and file of an existing signed file in a portable executable (PE) cabinet [CVE-2010-0486]. When the file is loaded by the target user, arbitrary code will be executed on the target system. The code will run with the privileges of the target user.

A remote user can modify existing signed cabinet file [CVE-2010-0487]. When the file is loaded by the target user, arbitrary code will be executed on the target system. The code will run with the privileges of the target user.

Impact:   A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution:   The vendor has issued the following fixes:

Microsoft Windows 2000 Service Pack 4, Authenticode Signature Verification 5.1:

http://www.microsoft.com/downloads/details.aspx?familyid=D7538166-35EE-4C6B-BE8C-E83A1FC6CD77

Windows XP Service Pack 2 and Windows XP Service Pack 3, Authenticode Signature Verification 5.1:

http://www.microsoft.com/downloads/details.aspx?familyid=2A01DDF0-F3EA-47C8-ADA2-E69F6C1B5F96

Windows XP Professional x64 Edition Service Pack 2, Authenticode Signature Verification 5.1:

http://www.microsoft.com/downloads/details.aspx?familyid=9BBFF00C-F8F4-4A44-98F2-18A868986AE1

Windows Server 2003 Service Pack 2, Authenticode Signature Verification 5.1:

http://www.microsoft.com/downloads/details.aspx?familyid=0E7E3DEB-F078-4953-9642-675EC69267F2

Windows Server 2003 x64 Edition Service Pack 2, Authenticode Signature Verification 5.1:

http://www.microsoft.com/downloads/details.aspx?familyid=99A3F6DA-728F-421C-AB41-C4C4751934A4

Windows Server 2003 with SP2 for Itanium-based Systems, Authenticode Signature Verification 5.1:

http://www.microsoft.com/downloads/details.aspx?familyid=06832599-1E9B-4792-8C7B-7B5B3A3D6277

Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2, Authenticode Signature Verification 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=A52225A7-6005-4F2B-8291-DB20558F23F8

Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2, Authenticode Signature Verification 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=9BA7468C-23A4-4994-9A5A-22E96EF586F3

Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2*, Authenticode Signature Verification 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=97FFEEC8-8B6D-4A30-97B0-4BFF2BA5E91D

Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2*, Authenticode Signature Verification 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=49F9F740-023A-4291-BECF-838A1D282321

Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2, Authenticode Signature Verification 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=BD60779A-8BB1-4107-A344-9B09A50E96FF

Windows 7 for 32-bit Systems, Authenticode Signature Verification 6.1:

http://www.microsoft.com/downloads/details.aspx?familyid=8D4A6C65-E171-4570-8F3F-118F06910BAF

Windows 7 for x64-based Systems, Authenticode Signature Verification 6.1:

http://www.microsoft.com/downloads/details.aspx?familyid=CF8C6721-05C2-4680-93B4-BE36F09C6D15

Windows Server 2008 R2 for x64-based Systems*, Authenticode Signature Verification 6.1:

http://www.microsoft.com/downloads/details.aspx?familyid=94DFDAAE-8464-4DE6-A401-7EB70B3BB34F

Windows Server 2008 R2 for Itanium-based Systems, Authenticode Signature Verification 6.1:

http://www.microsoft.com/downloads/details.aspx?familyid=40F622D2-48E7-4EB2-9430-BBD218CB5208

A restart is required.

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms10-019.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms10-019.mspx (Links to External Site)
Cause:   Input validation error
Underlying OS:  

Message History:   None.


 Source Message Contents

Date:  Tue, 13 Apr 2010 17:20:27 +0000
Subject:  http://www.microsoft.com/technet/security/bulletin/ms10-019.mspx


Microsoft Security Bulletin MS10-019 - Critical: Vulnerabilities in Windows Could Allow Remote Code Execution (981210)

CVE-2010-0486
CVE-2010-0487
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC