TITLE:
Microsoft Windows / Office Korean Input Method Editor Vulnerability

SECUNIA ADVISORY ID:
SA18859

VERIFY ADVISORY:
http://secunia.com/advisories/18859/

CRITICAL:
Moderately critical

IMPACT:
Privilege escalation, System access

WHERE:
From local network

OPERATING SYSTEM:
Microsoft Windows Server 2003 Datacenter Edition
http://secunia.com/product/1175/
Microsoft Windows Server 2003 Enterprise Edition
http://secunia.com/product/1174/
Microsoft Windows Server 2003 Standard Edition
http://secunia.com/product/1173/
Microsoft Windows Server 2003 Web Edition
http://secunia.com/product/1176/
Microsoft Windows XP Home Edition
http://secunia.com/product/16/
Microsoft Windows XP Professional
http://secunia.com/product/22/

SOFTWARE:
Microsoft Office 2003 Professional Edition
http://secunia.com/product/2276/
Microsoft Office 2003 Proofing Tools
http://secunia.com/product/7426/
Microsoft Office 2003 Small Business Edition
http://secunia.com/product/2277/
Microsoft Office 2003 Standard Edition
http://secunia.com/product/2275/
Microsoft Office 2003 Student and Teacher Edition
http://secunia.com/product/2278/
Microsoft OneNote 2003
http://secunia.com/product/7140/
Microsoft Project 2003
http://secunia.com/product/3170/
Microsoft Visio 2003
http://secunia.com/product/1092/

DESCRIPTION:
A vulnerability has been reported in various Microsoft products, which can be exploited by malicious people to gain escalated privileges or compromise a vulnerable system.

The vulnerability is caused by an error in the Korean Input Method Editor (IME), which may cause it to expose functionality running with LocalSystem.

Successful exploitation requires access to a login prompt either locally or via RDP (Remote Desktop Protocol).

SOLUTION:
Apply patches.

Microsoft Windows XP SP1 / Microsoft Windows XP SP2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=290453DF-1CAE-4691-B20C-5D65D92216BF

Microsoft Windows XP Professional x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=7D75BF5C-2E1D-4793-B7D1-DD372A99ECA5

Microsoft Windows Server 2003 and Microsoft Windows Server 2003 SP1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=A092BA0F-C753-444B-A572-492E4ECB2D3F

Microsoft Windows Server 2003 (Itanium) and Microsoft Windows Server 2003 SP1 (Itanium):
http://www.microsoft.com/downloads/details.aspx?FamilyId=8479C2EB-0FB6-4879-9C3D-B49BD864A71C

Microsoft Windows Server 2003 x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=66E495E8-CD52-4E76-B20A-4471FA941556

Microsoft Office 2003 SP1 / SP2 (KB905645):
http://www.microsoft.com/downloads/details.aspx?FamilyId=8E6F16E9-CD73-47D5-887E-616DB9B09591&displaylang=en

Microsoft Office 2003 Multilingual User Interface Packs (KB905645):
http://www.microsoft.com/downloads/details.aspx?FamilyId=986F9A8D-AFE7-455A-B78D-0795CBB0E80E&displaylang=en

Microsoft Office Visio 2003 Multilingual User Interface Packs (KB909115):
http://www.microsoft.com/downloads/details.aspx?FamilyId=5A4D0A92-2DFC-4F8B-9D14-138CEA57AF96&displaylang=en

Microsoft Office Project 2003 Multilingual User Interface Packs (KB909118):
http://www.microsoft.com/downloads/details.aspx?FamilyId=22C96D7F-F384-4678-9AC0-3A11B81A4C1D&displaylang=en

Microsoft Office 2003 Proofing Tools (KB905645):
http://www.microsoft.com/downloads/details.aspx?FamilyId=32CF9F59-FFBD-45E5-A4D2-690183462D0F&displaylang=en

Microsoft Office Visio 2003 (KB905645):
http://www.microsoft.com/downloads/details.aspx?FamilyId=8E6F16E9-CD73-47D5-887E-616DB9B09591&displaylang=en

Microsoft Office OneNote 2003 (KB905645):
http://www.microsoft.com/downloads/details.aspx?FamilyId=8E6F16E9-CD73-47D5-887E-616DB9B09591&displaylang=en

Microsoft Office Project 2003 (KB905645):
http://www.microsoft.com/downloads/details.aspx?FamilyId=8E6F16E9-CD73-47D5-887E-616DB9B09591&displaylang=en

PROVIDED AND/OR DISCOVERED BY:
Ryan Lee of VMCraft Inc.

ORIGINAL ADVISORY:
MS06-009 (KB901190):
http://www.microsoft.com/technet/security/Bulletin/MS06-009.mspx