=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2010/VULN529
_____________________________________________________________________

DATE                      : 15/12/2010

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows 7, Windows Vista, Windows Server 2008,
                                running Task Scheduler.

======================================================================
KB2305420
http://www.microsoft.com/technet/security/Bulletin/MS10-092.mspx
______________________________________________________________________

Microsoft Security Bulletin MS10-092 - Important
Vulnerability in Task Scheduler Could Allow Elevation of Privilege (2305420)

Version: 1.0

General Information

Executive Summary

  This security update resolves a publicly disclosed vulnerability in Windows
  Task Scheduler. The vulnerability could allow elevation of privilege if an
  attacker logged on to an affected system and ran a specially crafted
  application. An attacker must have valid logon credentials and be able to
  log on locally to exploit this vulnerability. The vulnerability could not
  be exploited remotely or by anonymous users.

  This security update is rated Important for all supported editions of
  Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
  For more information, see the subsection, Affected and Non-Affected
  Software, in this section.

  The security update addresses the vulnerability by correcting the way Task
  Scheduler conducts integrity checks to validate that tasks run with the
  intended user privileges. For more information about the vulnerability, see
  the Frequently Asked Questions (FAQ) subsection for the specific
  vulnerability entry under the next section, Vulnerability Information.

Affected Software

  Windows Vista Service Pack 1
  Windows Vista Service Pack 2
  Windows Vista x64 Edition Service Pack 1
  Windows Vista x64 Edition Service Pack 2
  Windows Server 2008 for 32-bit Systems
  Windows Server 2008 for 32-bit Systems Service Pack 2*
  Windows Server 2008 for x64-based Systems
  Windows Server 2008 for x64-based Systems Service Pack 2*
  Windows Server 2008 for Itanium-based Systems
  Windows Server 2008 for Itanium-based Systems Service Pack 2
  Windows 7 for 32-bit Systems
  Windows 7 for x64-based Systems
  Windows Server 2008 R2 for x64-based Systems*
  Windows Server 2008 R2 for Itanium-based Systems

Vulnerability Information

Task Scheduler Vulnerability - CVE-2010-3338

  An elevation of privilege vulnerability exists in the way that the Windows
  Task Scheduler improperly validates whether scheduled tasks run within the
  intended security context. An attacker who successfully exploited this
  vulnerability could run arbitrary code in the security context of the local
  system. An attacker could then install programs; view, change, or delete
  data; or create new accounts with full user rights.

======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 23 - 25 Rue Daviel    | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================