OSVDB ID: 83751

Title: Microsoft Windows Terminal Services LCA Issued Certificates Arbitrary Binary Signing Weakness

Dates

Disclosure: Jun 03, 2012
Discovery: Unknown
Exploit: Unknown
Solution: Unknown

Description

Microsoft Windows contains a flaw due to the Terminal Services Licensing Certification Authority issuing two sub-certificates that could be used to sign arbitrary code. The "Microsoft Enforced Licensing Intermediate PCA" and "Microsoft Enforced Licensing Registration Authority CA" certificates could be used by a third party to sign arbitrary code so that it appeared to be from Microsoft. This could be used to trick a user into installing any software under the guise of it coming from a legitimate vendor.

Classification

Location: Context Dependent
Attack Type: Cryptographic
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Public
Disclosure: Vendor Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.

Products

Microsoft Corporation

Windows XP

SP3
Professional x64 Edition SP2

Windows Server 2003

SP2
x64 Edition SP2

Windows Vista

SP2
x64 Edition SP2

Windows Server 2008

for 32-bit Systems SP2
for x64-based Systems SP2
for Itanium-based Systems SP2

Windows Server 2008 R2

for Itanium-based Systems
for x64-based Systems SP1
for Itanium-based Systems SP1
for x64-based Systems

Windows 7

for x64-based Systems
for x64-based Systems SP1
for 32-bit Systems
for 32-bit Systems SP1

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/83751