Vulnerability protection

Windows Partition Manager vulnerability could allow escalation of privilege


Report ID: MS201205005
Date Published: 9 May 2012

Criticality: Important
Compromise Type: privilege-escalation
Compromise From: local-system


Affected Product/Component:

Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2




Summary

A vulnerability in the way that Windows Partition Manager handles device relation requests could allow an attacker to execute code in kernel mode.



Detailed Description

Microsoft has released a security update to address an escalation of privilege vulnerability in Windows Partition Manager. The vulnerability arises when Plug and Play (PnP) Configuration Manager functions are called by two or more processes or threads at the same time. To exploit this vulnerability, the attacker must first log on to the local system and then run a specially crafted application. On successful exploitation, the attacker could run code in kernel mode and take complete control of the affected system.

This issue has been resolved through the update, which corrects the way that Windows Partition Manager allocates objects in memory. Users are advised to install this latest update as a protective measure against potential exploit attempts.



CVE Reference

CVE-2012-0178



Solution

Install the latest security patch for the applicable system, available for download from https://technet.microsoft.com/en-us/security/bulletin/ms12-033


