Windows CSRSS vulnerability could allow escalation of privilege
Report ID: MS201201003
Date Published: 11 January 2012
Compromise Type: privilege-escalation
Compromise From: local-system
Windows Server 2003
Windows Server 2008
A vulnerability in the Windows Client/Server Run-time Subsystem (CSRSS) could allow an attacker to execute code in the security context of the local system.
Microsoft has issued an update to patch a vulnerability in the Windows Client/Server Run-time Subsystem (CSRSS) that is triggered when CSRSS processes a sequence of specially crafted Unicode characters. The vulnerability poses a significant risk to systems that are configured with a Chinese, Japanese or Korean system locale. To exploit it, an attacker must first log on to the system and then run a specially crafted application that takes advantage of the vulnerable condition.
The vulnerability has been fixed in the latest update, which changes the way that CSRSS processes Unicode characters. As a protective measure, users are advised to install the latest update on their systems.
Install the latest security patch for the applicable system, available for download from https://technet.microsoft.com/en-us/security/bulletin/ms12-003