Alert: Microsoft Security Bulletin MS04-044 - Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)
From: Russ Cooper (Russ.Cooper_at_TRUSECURE.CA)
Date: Tue, 14 Dec 2004 13:26:45 -0500 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Microsoft Security Bulletin MS04-044:
Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)
Version Number: 1.0
Issued Date: Tuesday, December 14, 2004
Impact of Vulnerability: Elevation of Privilege
Maximum Severity Rating: Important
Patch(es) Replaced: This bulletin replaces several prior security updates. See the frequently asked questions (FAQ) section of this bulletin for the complete list.
Caveats: Microsoft Knowledge Base Article 885835 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues. For more information, see Microsoft Knowledge Base Article 885835.
* Microsoft Windows NT Server 4.0 Service Pack 6a
* Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
* Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
* Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
* Microsoft Windows XP 64-Bit Edition Service Pack 1
* Microsoft Windows XP 64-Bit Edition Version 2003
* Microsoft Windows Server 2003
* Microsoft Windows Server 2003 64-Bit Edition
* Windows Kernel Vulnerability - CAN-2004-0893: A privilege elevation vulnerability exists in the way that the Windows Kernel launches applications. This vulnerability could allow a logged on user to take complete control of the system.
* LSASS Vulnerability - CAN-2004-0894: A privilege elevation vulnerability exists in the way that the LSASS validates identity tokens. This vulnerability could allow a logged on user to take complete control of the system.
This email is sent to NTBugtraq automagically as a service to my subscribers. (v4.01.1796.25439)
Russ - Senior Scientist - TruSecure Corporation/NTBugtraq Editor
-- Editor's Note: The 43rd Most Powerful Person in Networking says... Register today to take the TruSecure ICSA exam by 12/31/04 at <http://www.2test.com> , use promo code "CT1204" and you will pay just $221.25 US Dollars for domestic exam delivery and $296.25 US Dollars for international delivery. Visit <https://ticsa.trusecure.com> for complete details regarding the TICSA credential and to take the free sample exam. --