---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Microsoft Windows Virtual Address Descriptor Privilege Escalation SECUNIA ADVISORY ID: SA32251 VERIFY ADVISORY: http://secunia.com/advisories/32251/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system OPERATING SYSTEM: Microsoft Windows XP Home Edition http://secunia.com/advisories/product/16/ Microsoft Windows XP Professional http://secunia.com/advisories/product/22/ Microsoft Windows Server 2003 Datacenter Edition http://secunia.com/advisories/product/1175/ Microsoft Windows Server 2003 Enterprise Edition http://secunia.com/advisories/product/1174/ Microsoft Windows Server 2003 Standard Edition http://secunia.com/advisories/product/1173/ Microsoft Windows Server 2003 Web Edition http://secunia.com/advisories/product/1176/ Microsoft Windows Storage Server 2003 http://secunia.com/advisories/product/12399/ Microsoft Windows Vista http://secunia.com/advisories/product/13223/ Microsoft Windows Server 2008 http://secunia.com/advisories/product/18255/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an integer overflow error when processing Virtual Address Descriptor (VAD) parameters. This can be exploited to cause a memory allocation mapping error and corrupt memory. Successful exploitation allows execution of arbitrary code with escalated privileges. SOLUTION: Apply patches. Windows XP SP2/SP3: http://www.microsoft.com/downloads/details.aspx?familyid=25997b73-a640-49c1-b19e-768a18bbe22c Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=50fae854-0bde-46f8-9444-b9e0d9bfecad Windows Server 2003 SP1/SP2: http://www.microsoft.com/downloads/details.aspx?familyid=e8ef3d5f-dd8e-4945-92cd-9d3e30b16667 Windows Server 2003 x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=c2e754f9-086a-494c-bc19-5feed7df8b65 Windows Server 2003 with SP1/SP2 for Itanium-based systems: http://www.microsoft.com/downloads/details.aspx?familyid=5a3832ec-3f8f-42c1-a603-b1330d527547 Windows Vista (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?familyid=b4212db5-093e-497d-b999-2e3780f9f7c2 Windows Vista x64 Edition (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?familyid=c20808cb-c30a-4b53-91e5-810eb6b4b2e3 Windows Server 2008 for 32-bit systems: http://www.microsoft.com/downloads/details.aspx?familyid=ec9eeb82-0497-4c55-94bb-9a47cb3521b4 Windows Server 2008 for x64-based systems: http://www.microsoft.com/downloads/details.aspx?familyid=0bc178b8-f8ae-4f41-8f88-fb6a75be1bca Windows Server 2008 for Itanium-based systems: http://www.microsoft.com/downloads/details.aspx?familyid=0af72663-4945-4916-8c55-090ba4d82793 PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS08-064 (KB956841): http://www.microsoft.com/technet/security/Bulletin/MS08-064.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------