[security-alerts] FW: [SA24823] Windows Vista CSRSS Privilege Escalation Vulnerability

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

> ----------------------------------------------------------------------
> 
> TITLE:
> Windows Vista CSRSS Privilege Escalation Vulnerability
> 
> SECUNIA ADVISORY ID:
> SA24823
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/24823/
> 
> CRITICAL:
> Less critical
> 
> IMPACT:
> Privilege escalation
> 
> WHERE:
> Local system
> 
> OPERATING SYSTEM:
> Microsoft Windows Vista
> http://secunia.com/product/13223/
> 
> DESCRIPTION:
> eEye Digital Security has reported a vulnerability in Windows Vista,
> which can be exploited by malicious, local users to gain escalated
> privileges.
> 
> The vulnerability is caused due to incorrect marshaling of system
> resources in the Client/Server Run-time Subsystem (CSRSS) when
> handling connections during the startup and stopping of processes.
> This can be exploited to execute arbitrary code with SYSTEM
> privileges by establishing and closing multiple connections to the
> subsystem's "ApiPort".
> 
> SOLUTION:
> Apply patches.
> 
> Windows Vista:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=3487b
> 1f0-a383-41a4-a660-2768962b3bcd
> 
> Windows Vista x64 Edition:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=c46f6
> 2e1-dddd-4886-a82b-ebec258a495b
> 
> PROVIDED AND/OR DISCOVERED BY:
> Derek Soeder, eEye Digital Security.
> 
> ORIGINAL ADVISORY:
> MS07-021 (KB930178):
> http://www.microsoft.com/technet/security/Bulletin/MS07-021.mspx
> 
> eEye Digital Security:
> http://research.eeye.com/html/advisories/published/AD20070410b.html
>