SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   OS (Microsoft)  >   Windows Kernel Vendors:   Microsoft
Windows Kernel Multiple Bugs Let Remote Users Execute Arbitrary Code and Local Users Obtain Elevated Privileges
SecurityTracker Alert ID:  1027750
SecurityTracker URL:  http://securitytracker.com/id/1027750
CVE Reference:   CVE-2012-2530, CVE-2012-2553, CVE-2012-2897   (Links to External Site)
Date:  Nov 13 2012
Impact:   Execution of arbitrary code via local system, Execution of arbitrary code via network, Root access via local system, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): XP SP3, 2003 SP2, Vista SP2, 2008 SP2, 7 SP1, 2008 R2 SP1, 8, 2012, RT; and prior service packs
Description:   Several vulnerabilities was reported in the Windows Kernel. A remote user can execute arbitrary code on the target system. A local user can obtain elevated privileges.

A remote user can create a specially crafted TrueType font file that, when loaded by the target user, will trigger a parsing error and execute arbitrary code on the target system [CVE-2012-2897]. The code will run with the privileges of the target user.

Eetu Luodemaa and Joni Vahamaki of Documill (via the Chromium Security Rewards Program) reported this vulnerability.

A local user can trigger a use-after-free memory error in the Windows kernel-mode driver (win32k.sys) to execute arbitrary code with kernel privileges [CVE-2012-2530, CVE-2012-2553].

Matthew Jurczyk of Google Inc reported one of these vulnerabilities.

Impact:   A remote user can execute arbitrary code on the target system.

A local user can obtain elevated privileges.

Solution:   The vendor has issued the following fixes:

Windows XP Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=31f2c645-b171-4f11-884b-f5056ef57b4f

Windows XP Professional x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=828699ac-eb88-4ff8-9110-69c206f5ef54

Windows Server 2003 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=73f5dec6-ccda-426d-8d2c-a2db3e59734a

Windows Server 2003 x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=dc9cd62a-c42d-4c54-bc14-7abd34aeb865

Windows Server 2003 with SP2 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=e4ec19ea-06f2-4164-8e39-84f1d7a47ae7

Windows Vista Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=c4b3fb44-338d-48be-9981-53fa2cf3094a

Windows Vista x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=7a58e874-f3fc-4db8-8de0-cbfc6ebbf349

Windows Server 2008 for 32-bit Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=17b987db-0551-45c3-aab1-0cc11ae60dcc

Windows Server 2008 for x64-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=dd9bd994-41e3-46a1-9dfb-c6d89a3ef883

Windows Server 2008 for Itanium-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=fab87b20-398f-4043-9cbe-ffcae8e19ff0

Windows 7 for 32-bit Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=c222943e-9888-4fb9-b9a2-7a035311c887

Windows 7 for 32-bit Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=c222943e-9888-4fb9-b9a2-7a035311c887

Windows 7 for x64-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=50d7c25f-a67f-4946-b6db-70d9bd4dc178

Windows 7 for x64-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=50d7c25f-a67f-4946-b6db-70d9bd4dc178

Windows Server 2008 R2 for x64-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=114b596c-36e1-45f5-99e2-f5fdd96b1a30

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=114b596c-36e1-45f5-99e2-f5fdd96b1a30

Windows Server 2008 R2 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=70447115-957d-48a4-bc27-395abaf22149

Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=70447115-957d-48a4-bc27-395abaf22149

Windows 8 for 32-bit Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=24ce3f78-fb25-4f51-8bb0-8cebf19d8843

Windows 8 for 64-bit Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=72c49d94-757c-4da4-a895-96d0830bc667

Windows Server 2012:

http://www.microsoft.com/downloads/details.aspx?familyid=2e69d496-25b4-4f24-97e0-47cb59c178aa

Windows Server 2008 for 32-bit Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=17b987db-0551-45c3-aab1-0cc11ae60dcc

Windows Server 2008 for x64-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=dd9bd994-41e3-46a1-9dfb-c6d89a3ef883

Windows Server 2008 R2 for x64-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=114b596c-36e1-45f5-99e2-f5fdd96b1a30

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=114b596c-36e1-45f5-99e2-f5fdd96b1a30

Windows Server 2012:

http://www.microsoft.com/downloads/details.aspx?familyid=2e69d496-25b4-4f24-97e0-47cb59c178aa

A restart is required.

The Microsoft advisory is available at:

http://technet.microsoft.com/en-us/security/bulletin/ms12-075

Vendor URL:  technet.microsoft.com/en-us/security/bulletin/ms12-075 (Links to External Site)
Cause:   Access control error
Underlying OS:  

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC