Alert: Microsoft Security Bulletin MS04-005 - Vulnerability in Virtual PC for Mac could lead to privilege elevation (835150)

From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 02/10/04

  • Next message: Russ: "Alert: Microsoft Security Bulletin MS04-006 - Vulnerability in the Windows Internet Naming Service (WINS) Could Allow Code Execution (830352)" 
    Date:         Tue, 10 Feb 2004 14:06:28 -0500
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

    Microsoft Security Bulletin MS04-005:
    Vulnerability in Virtual PC for Mac could lead to privilege elevation
    (835150)

    Bulletin URL:
    http://www.microsoft.com/technet/security/bulletin/MS04-005.asp

    Summary:
     Version Number: V1.0
     Revision Date: 02-10-2004
     Impact of Vulnerability: Elevation of Privilege
     Maximum Severity Rating: Important
     Patch(es) Replaced: None
     Caveats: None
     CVE Number(s): CAN-2004-0115

    Tested Software:
     Affected Software:
     * Microsoft Virtual PC for Mac version 6.0
    <http://www.ntbugtraq.com/link/download.asp>
     * Microsoft Virtual PC for Mac version 6.01
    <http://www.ntbugtraq.com/link/download.asp>
     * Microsoft Virtual PC for Mac version 6.02
    <http://www.ntbugtraq.com/link/download.asp>
     * Microsoft Virtual PC for Mac version 6.1
    <http://www.ntbugtraq.com/link/download.asp>

     Software Not Affected:
     * None

    Technical Description:

    A security vulnerability exists in Microsoft Virtual PC for Mac. The
    vulnerability exists because of the method by which Virtual PC for Mac
    creates a temporary file when you run Virtual PC for Mac. An attacker
    could exploit this vulnerability by inserting malicious code into the
    file which could cause the code to be run with system privileges. This
    could give the attacker complete control over the system.

    To exploit this vulnerability, an attacker would have to already have a
    valid logon account on the local system, or the attacker would already
    have to have access to a valid logon account.

    This email is sent to NTBugtraq automagically as a service to my
    subscribers. (v2.3)

    Cheers,
    Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor

    -----
    NTBugtraq Editor's Note:

    Most viruses these days use spoofed email addresses. As such, using an Anti-Virus product which automatically notifies the perceived sender of a message it believes is infected may well cause more harm than good. Someone who did not actually send you a virus may receive the notification and scramble their support staff to find an infection which never existed in the first place. Suggest such notifications be disabled by whomever is responsible for your AV, or at least that the idea is considered.
    -----

  • Next message: Russ: "Alert: Microsoft Security Bulletin MS04-006 - Vulnerability in the Windows Internet Naming Service (WINS) Could Allow Code Execution (830352)"

    Relevant Pages