myITforum.com

Harry Waldron at myITforum.com

Sharing Security Developments, and Best Practices for corporate and home users

New Windows CSRSS unpatched vulnerability

This new vulnerability is rated as low-risk and can only be exploited by local users.

Microsoft Windows Client Server Run-Time Subsystem Memory Disclosure Vulnerability
http://www.frsirt.com/english/advisories/2006/5197
http://secunia.com/advisories/23491/

QUOTE: A Microsoft Windows vulnerability can be exploited by malicious local users to gain knowledge of sensitive information. The problem is that CSRSS.exe does not properly validate arguments passed via NtRaiseHardError and can be exploited to view the contents of CSRSS process memory. The vulnerability is confirmed on a fully-patched Windows XP SP2 system and reportedly affects Windows 2000 SP4 as well. Other versions may also be affected.

Solution: Allow only trusted users access to the system
