Secunia

Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to disclose sensitive information, and by malicious users and malicious people to compromise a vulnerable system.

1) An error exists in the "EnumeratePrintShares()" function in win32spl.dll when parsing responses received from printer servers. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted request to an affected print spooler service.

Successful exploitation may allow execution of arbitrary code.

2) An error exists in the Windows Printing Service when processing separator pages. This can be exploited by a local user to read or print arbitrary files from the local system via a specially crafted separator page.

3) An error in the Windows Print Spooler can be exploited by an authenticated user to load arbitrary DLLs and execute arbitrary code via a specially crafted RPC request.

Solution
Apply patches.
Further details available in Customer Area

Provided and/or discovered by
1) Jun Mao of VeriSign iDefense Labs
2, 3) Reported by the vendor.

Changelog
Further details available in Customer Area

Original Advisory
Microsoft (KB961501):
http://www.microsoft.com/technet/security/Bulletin/MS09-022.mspx

iDefense:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=806

Deep Links
Links available in Customer Area