===================================================================== CERT-Renater Note d'Information No. 2010/VULN313 _____________________________________________________________________ DATE : 13/08/2010 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Windows Vista, Windows Server 2008, Windows 7. ====================================================================== KB978886 http://www.microsoft.com/technet/security/Bulletin/MS10-058.mspx ______________________________________________________________________ Microsoft Security Bulletin MS10-058 - Important Vulnerabilities in TCP/IP Could Allow Elevation of Privilege (978886) Published: August 10, 2010 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of these vulnerabilities could allow elevation of privilege due to an error in the processing of a specific input buffer. An attacker who is able to log on to the target system could exploit this vulnerability and run arbitrary code with system-level privileges. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This security update is rated Important for all supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. For more information, see the subsection, Affected and Non-Affected Software, in this section. The security update addresses the vulnerabilities by correcting the way in which the TCP/IP stack handles malformed IPv6 packets and data copied from user mode. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information. Affected Software Windows Vista Service Pack 1 and Windows Vista Service Pack 2 Windows Vista x64 Edition Service Pack 1 Windows Vista x64 Edition Service Pack 2 Windows Server 2008 for 32-bit Systems Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for x64-based Systems Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for Itanium-based Systems Windows Server 2008 for Itanium-based Systems Service Pack 2 Windows 7 for 32-bit Systems Windows 7 for x64-based Systems Windows Server 2008 R2 for x64-based Systems Windows Server 2008 R2 for Itanium-based Systems Vulnerability Information IPv6 Memory Corruption Vulnerability - CVE-2010-1892 A denial of service vulnerability exists in TCP/IP processing in Microsoft Windows due to an error in the processing of specially crafted IPv6 packets with a malformed extension header. An attacker could exploit the vulnerability by sending the target system a small number of specially crafted packets, causing the affected system to stop responding. Integer Overflow in Windows Networking Vulnerability CVE-2010-1893 An elevation of privilege vulnerability exists in TCP/IP processing in Microsoft Windows due to an error in the processing of a specific input buffer. An attacker who successfully exploited this vulnerability could run arbitrary code with system-level privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================