---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Windows Kernel Privilege Escalation Vulnerabilities SECUNIA ADVISORY ID: SA35372 VERIFY ADVISORY: http://secunia.com/advisories/35372/ DESCRIPTION: Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. 1) An error causes changes in certain kernel objects to not be properly validated. 2) An error causes certain pointers passed from user mode to be insufficiently validated. 3) An error causes certain arguments passed to a Windows kernel system call to not be properly validated. 4) An error causes input passed from user mode to the kernel to be improperly validated when editing a specific desktop parameter. Successful exploitation of the vulnerabilities may allow execution of arbitrary code with kernel mode privileges. SOLUTION: Apply patches. Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?familyid=79b0481d-a3d7-477b-928a-a98cc79374af Windows XP SP2/SP3: http://www.microsoft.com/downloads/details.aspx?familyid=6349e046-a3f8-4ae5-b8c3-c9879cc99e8f Windows XP Professional x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=3769800e-af93-4a44-8a1e-b30cc54b226f Windows Server 2003 SP2: http://www.microsoft.com/downloads/details.aspx?familyid=9356404c-d89a-4de0-b9b4-f6e1bdadf745 Windows Server 2003 x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=5a3123af-173d-49eb-9997-14e82e764aee Windows Server 2003 with SP2 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=13b50993-410f-4e7a-a33a-6d9b48dbb4d1 Windows Vista (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?familyid=c31b36f8-330c-4a0c-9a3d-7cbe9a1ab8c8 Windows Vista SP2: http://www.microsoft.com/downloads/details.aspx?familyid=c31b36f8-330c-4a0c-9a3d-7cbe9a1ab8c8 Windows Vista x64 Edition (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?familyid=7d70a65f-07ce-4992-8bec-28fefd7587bc Windows Vista x64 Edition SP2: http://www.microsoft.com/downloads/details.aspx?familyid=7d70a65f-07ce-4992-8bec-28fefd7587bc Windows Server 2008 for 32-bit Systems: http://www.microsoft.com/downloads/details.aspx?familyid=98ba52b2-da1a-4939-a10e-d43b3a7e7ed4 Windows Server 2008 for 32-bit Systems SP2: http://www.microsoft.com/downloads/details.aspx?familyid=98ba52b2-da1a-4939-a10e-d43b3a7e7ed4 Windows Server 2008 for x64-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=dbaa5a72-c267-4907-a207-525c2803d7b9 Windows Server 2008 for x64-based Systems SP2: http://www.microsoft.com/downloads/details.aspx?familyid=dbaa5a72-c267-4907-a207-525c2803d7b9 Windows Server 2008 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=e0e3ad56-a363-44ba-af4d-b7f551c88afd Windows Server 2008 for Itanium-based Systems SP2: http://www.microsoft.com/downloads/details.aspx?familyid=e0e3ad56-a363-44ba-af4d-b7f551c88afd PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor. 2-3) The vendor credits Thomas Garnier. 4) Reported by the vendor. ORIGINAL ADVISORY: MS09-025 (KB968537): http://www.microsoft.com/technet/security/Bulletin/MS09-025.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------