Windows CSRSS vulnerability could allow escalation of privilege
Report ID: MS201201003
Date Published: 11 January 2012
Criticality: Important
Compromise Type: privilege-escalation
Compromise From: local-system
Affected Product/Component:
Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Summary
A vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) could allow an attacker to execute code in the security context of a local system.
Detailed Description
Microsoft has issued an update to patch a vulnerability in Windows Client/Server Run-time Subsystem (CSRSS), which resulted when processing a sequence of specially crafted Unicode characters. The vulnerability poses a significant risk to systems that are configured with a Chinese, Japanese or Korean system locale. In order to exploit it, an attacker must first log on to the system before being able to run a specially crafted application that takes advantage of the vulnerable condition.
The vulnerability issue has been fixed in the latest update, which introduces changes in the way that CSRSS processes Unicode characters. As a protection measure, users are recommended to install the latest update onto their systems.
CVE Reference
CVE-2012-0005
Solution
Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-003)
