CERT-MU Vulnerability Note VN-2009-18
Elevation of Privileges Vulnerability in Microsoft Virtual PC and Virtual Server
Original Issue Date: July 16, 2009
Severity Rating: Medium
Affected Software
- Microsoft Virtual PC 2007
- Microsoft Virtual PC 2007 Service Pack 1
- Microsoft Virtual PC 2007 x64 Edition
- Microsoft Virtual PC 2007 x64 Edition Service Pack 1
- Microsoft Virtual PC 2004 Service Pack 1
- Microsoft Virtual Server 2005 R2 Service Pack 1
- Microsoft Virtual Server 2005 R2 x64 Edition Service Pack 1
Overview
An elevation of privilege vulnerability has been reported in Microsoft Virtual PC and Virtual Server which could allow a local attacker to execute arbitrary code and take complete control of the affected guest operating system.
Description
This vulnerability is caused by incorrect validation of privilege levels while executing specific instructions in the Virtual Machine Monitor. The driver filters and processes requests from virtual machines to the underlying system hardware. Malformed requests processed by the driver may be interpreted as having a higher security context, which could allow a local attacker to take privileged actions within the virtual operating system.
A local attacker could exploit this vulnerability by running a program specially designed to issue malicious requests to the application, which could allow the attacker to perform actions and execute code inside the guest operating system with administrative privileges.
Workarounds
- Apply the appropriate patch as described in Microsoft Security Bulletin MS09-033
CVE Name
CVE-2009-1542
Disclaimer
The information provided herein is on an "as is" basis, without warranty of any kind.
Vendor Information
Microsoft
http://www.microsoft.com/technet/security/Bulletin/MS09-033.mspx
References
Cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=18613
SecurityFocus
http://www.securityfocus.com/bid/35601
SecurityTracker
http://www.securitytracker.com/alerts/2009/Jul/1022544.html
Vupen
http://www.vupen.com/english/advisories/2009/1890