=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2007/VULN415
_____________________________________________________________________

DATE                      : 06/11/2007

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows Server 2003, Windows XP running
                                 Macrovision SECDRV.SYS Driver.

======================================================================
http://www.microsoft.com/technet/security/advisory/944653.mspx
______________________________________________________________________

Microsoft Security Advisory (944653)
Vulnerability in Macrovision SECDRV.SYS Driver on Windows Could Allow
Elevation of Privilege

- - Affected Software:

  Microsoft Windows XP Service Pack 2
  Microsoft Windows XP Professional x64 Edition
  Microsoft Windows XP Professional x64 Edition Service Pack 2
  Microsoft Windows Server 2003 Service Pack 1
  Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
  Microsoft Windows Server 2003 Service Pack 2
  Microsoft Windows Server 2003 with SP2 for Itanium-based Systems
  Microsoft Windows Server 2003 x64 Edition
  Microsoft Windows Server 2003 x64 Edition Service Pack 2

- - Impact:

  Elevation of Privilege

- - From the Microsoft Security Bulletin

  Vulnerability Details

  What is secdrv.sys?
  The driver, secdrv.sys, is a dispatch driver developed by Macrovision
  and shipped on supported editions of Windows Server 2003, Windows XP,
  and Windows Vista. This vulnerability does not affect Windows Vista.

  What causes this vulnerability?
  The Macrovision secdrv.sys driver on supported editions of Windows
  Server 2003 and Windows XP incorrectly handles configuration
  parameters.

  Recommendation:
  Install the update offered by Macrovision for systems running
  supported editions of Windows XP and Windows Server 2003 to help
  protect against this vulnerability. [1]

  References:

  [1] Macrovision - Updating the Macrovision SECDRV.SYS Driver
      http://www.macrovision.com/promolanding/7352.htm

======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================