MS06-051: Vulnerability in Windows Kernel

Published: 2006-08-08
Last Updated: 2006-08-08 19:32:52 UTC
by Pedro Bueno (Version: 1)
0 comment(s)
Vulnerability in Windows Kernel Could Result in Remote Code Execution
MS06-051 - KB917422

This update focus on two main vulnerabilities.
    - CVE-2006-3443: The User Profile Elevation of Privilege - LOCAL
    - CVE-2006-3648: The Unhandled Exception - REMOTE

If any of them is successfully exploited, the attacker can gain complete control of the affected system.

The advisory focus on W2k systems. For the Elevation of Privilege vulnerability: "...If a specially crafted DLL is placed in the user directory, it is possible for WinLogon to execute the code of the DLL resulting in an elevation of the user's privileges.".

For the Unhandled Exception vulnerability, looks like a simple spam with a link would lead the user to a specially crafted website which would exploit it.

Worthless to say that it is REALLY important to patch your systems against these vulnerabilities! Test and Patch!!

-------------------------------------------------
Pedro Bueno ( pbueno //&&// isc. sans. org)

Keywords:
0 comment(s)

Comments


Diary Archives