---------------------------------------------------------------------- Secunia Network Software Inspector 2.0 (NSI) - Public Beta The Public Beta has ended. Thanks to all that participated. Learn more: http://secunia.com/network_software_inspector_2/ ---------------------------------------------------------------------- TITLE: Microsoft Windows XP I2O Utility Filter Driver Privilege Escalation SECUNIA ADVISORY ID: SA30203 VERIFY ADVISORY: http://secunia.com/advisories/30203/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system OPERATING SYSTEM: Microsoft Windows XP Home Edition http://secunia.com/product/16/ Microsoft Windows XP Professional http://secunia.com/product/22/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows XP, which can be exploited by malicious, local users to gain escalated privileges. An input validation error within a certain IOCTL handler in the I2O Utility Filter driver (i2omgmt.sys) and insecure permissions on the \\.\I2OExc device interface can be exploited to overwrite arbitrary memory and execute code with kernel privileges. The vulnerability is reported in Windows XP SP2 including i2omgmt.sys version 5.1.2600.2180. Other versions may also be affected. SOLUTION: Apply Windows XP Service Pack 3. http://www.microsoft.com/downloads/details.aspx?FamilyID=5b33b5a8-5e76-401f-be08-1e1555d4f3d4 PROVIDED AND/OR DISCOVERED BY: Rubén Santamarta, reported via iDefense Labs. ORIGINAL ADVISORY: iDefense Labs: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=699 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------