Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious users to compromise a vulnerable system.
1) An error in the Microsoft Distributed Transaction Coordinator (MSDTC) transaction facility can be exploited by a process having the SeImpersonatePrivilege to run arbitrary code with NetworkService privileges.
2) The Windows Management Instrumentation (WMI) provider improperly isolates processes running under the NetworkService or LocalService accounts. This can be exploited to run arbitrary code with LocalSystem privileges by e.g. obtaining a SYSTEM token.
3) The RPCSS service improperly isolates processes running under the NetworkService or LocalService accounts. This can be exploited to execute arbitrary code with LocalSystem privileges.
4) Incorrect access control lists (ACLs) are placed on threads in the current ThreadPool. This can be exploited to execute arbitrary code with LocalSystem privileges.
Successful exploitation of the vulnerabilities requires the ability to run code in an authenticated context e.g via IIS (when ASP.NET code runs in full trust or via ISAPI extensions/filters) and SQL Server (when having administrative privileges to load and run code).
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org
Subject: Microsoft Windows Privilege Escalation Vulnerabilities
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.