=====================================================================
CERT-Renater Information Note No. 2009/VULN284
_____________________________________________________________________

DATE                 : 15/07/2009
HARDWARE PLATFORM(S) : /
OPERATING SYSTEM(S)  : Systems running Microsoft Virtual PC, Microsoft Virtual Server.
======================================================================

KB969856
http://www.microsoft.com/technet/security/bulletin/MS09-033.mspx
______________________________________________________________________

Microsoft Security Bulletin MS09-033 - Important
Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (969856)

Published: July 14, 2009
Version: 1.0

General Information

Executive Summary

This security update resolves a privately reported vulnerability in Microsoft Virtual PC and Microsoft Virtual Server. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected guest operating system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

This security update is rated Important for all supported editions of Virtual PC 2004, Virtual PC 2007, and Virtual Server 2005. For more information, see the subsection, Affected and Non-Affected Software, in this section.

The security update addresses the vulnerability by enforcing validation of privilege levels when executing machine instructions. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.

Recommendation. Microsoft recommends that customers apply the update at the earliest opportunity.

Known Issues. Microsoft Knowledge Base Article 969856 documents the currently known issues that customers may experience when installing this security update.
Affected Software

  Microsoft Virtual PC 2004 Service Pack 1
  Microsoft Virtual PC 2007 and Microsoft Virtual PC 2007 Service Pack 1
  Microsoft Virtual PC 2007 x64 Edition and Microsoft Virtual PC 2007 x64 Edition Service Pack 1
  Microsoft Virtual Server 2005 R2 Service Pack 1
  Microsoft Virtual Server 2005 R2 x64 Edition Service Pack 1

Vulnerability Information

Virtual PC and Virtual Server Privileged Instruction Decoding Vulnerability - CVE-2009-1542

An elevation of privilege vulnerability exists in the way that Microsoft Virtual PC and Microsoft Virtual Server incorrectly validate privilege levels when executing specific instructions in the Virtual Machine Monitor. This vulnerability could allow an attacker to run code with elevated privileges inside the hosted guest operating system. An attacker could then install programs; view, change, or delete data; or create new accounts on the guest operating system with full user rights.

======================================================================

=========================================================
CERT-Renater reference servers
http://www.urec.fr/securite
http://www.cru.fr/securite
http://www.renater.fr
=========================================================
+ CERT-RENATER          | tel  : 01-53-94-20-44 +
+ 151 bd de l'Hopital   | fax  : 01-53-94-20-41 +
+ 75013 Paris           | email: certsvp@renater.fr +
=========================================================