Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Windows XP and 2003 local privilege escalation vulnerability SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Windows XP and 2003 local privilege escalation vulnerability

Microsoft has an advisory and a blog entry up on a new vulnerability, CVE-2007-5587, in the Macrovision SECDRV.SYS driver. This file is included with Windows XP and Windows Server 2003.

It appears partial information on the vulnerability and exploit has been in the wild since mid October, and it is being exploited in a limited number of incidents.

According to the advisory, this is a local attack which allows privilege escalation. While plans for an official Microsoft supplied patch are in the works, Macrovision has released an update from their website which allows you to mitigate this issue.

Maarten Van Horenbeeck


158 Posts
Nov 6th 2007
I'm glad you folks are concerned about privilege escalation vulnerabilities. These are often labeled low risk by Secunia but when in fact it is a higher risk.

Sign Up for Free or Log In to start participating in the conversation!