68552 : Microsoft Windows win32k.sys Driver Keyboard Layout Loading Local Privilege Escalation
Printer | http://osvdb.org/68552 | Email This | Edit Vulnerability

Views This Week Views All Time Added to OSVDB Last Modified Modified (since 2008) Percent Complete
18 1073 about 1 year ago about 1 year ago 7 times 100%

Timeline
Disclosure Date Vendor Solution Date
2010-10-12 2010-10-12

Description

Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The kernel-mode drivers fail to properly perform indexing of a function-pointer table when loading specific keyboard layouts, which may allow a local authenticated attacker to gain elevated privileges.

Classification

 Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Private
Disclosure: Vendor Verified, Discovered in the Wild
OSVDB: Authentication Required

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.

Products
Microsoft Corporation
Watch-list
Windows Server
Watch-list
 2008 R2 for x64-based Systems
2008 for 32-bit Systems
2003 SP2 for Itanium
2008 for Itanium-based Systems
2008 for 32-bit Systems SP2
2008 for Itanium-based Systems SP2
2003 x64 Edition SP2
2008 R2 for Itanium-based Systems
2008 for x64-based Systems
2008 for x64-based Systems SP2
2003 SP2
Windows XP
Watch-list
 SP3
Professional x64 Edition SP2
Windows Vista
Watch-list
 SP1
SP2
x64 Edition SP1
x64 Edition SP2
Windows 7
Watch-list
 for x64-based Systems
for 32-bit Systems

References

Credit

CVSSv2 Score

CVSSv2 Base Score = 7.2
Source: nvd.nist.gov | Generated: 2011-01-21 | Disagree?

Access_vector_0 Access_complexity_2 Authentication_2 Confidentiality_impact_2 Integrity_impact_2 Availability_impact_2

Blogs

This product uses the Daylife API but is not endorsed or certified by Daylife.

This section lists the latest news and blogs found via the daylife API (and for older items, the technorati API), which mention or otherwise discuss this vulnerability.

2010/11/25 15:53:20 | Qihoo 360 Detects Oldest Vulnerability in Microsoft OS

from: RedOrbit

BEIJING, Nov. 25, 2010 /PRNewswire-Asia/ -- Today, China's leading network security services provider, Qihoo 360, released an emergency network security warning, claiming that it has first discovered an Exploit Code of an 18-year latent high-risk 0day

2010/11/25 16:31:30 | Qihoo 360 Detects Oldest Vulnerability in Microsoft OS

from: Albequerque Express

...security experts suggested that previously Stuxnet has just used another Windows local privilege escalation vulnerability (CVE-2010-2743) to seize control of the system. This vulnerability first appeared in 1995 and has a latency of 15 years. In addition,...

2010/11/23 14:19:30 | Stuxnet Redux: Questions and Answers

from: F-Secure Antivirus Research Weblog

...0-days: •LNK (MS10-046) •Print Spooler (MS10-061) •Server Service (MS08-067) •Privilege escalation via Keyboard layout file (MS10-073) •Privilege escalation via Task Scheduler Q: And these have been patched by Microsoft? A: All but one of the two Privilege...

2010/10/13 09:48:15 | Microsoft releases biggest-ever set of security patches

from: Albequerque Express

...are likely to be developed that exploit some of the lower-rated issues as well. In fact, one of Tuesday's updates , MS10-073; rated important by Microsoft, fixes a Windows XP bug that was leveraged by the creators of the Stuxent worm. Stuxnet is the first...

Comments

Add Comment

No Comments.

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2012 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use