Alert: Microsoft Security Bulletin MS04-044 - Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)

From: Russ Cooper (Russ.Cooper_at_TRUSECURE.CA)
Date: 12/14/04

  • Next message: Russ Cooper: "Alert: Microsoft Security Bulletin MS04-045 - Vulnerability in WINS Could Allow Remote Code Execution (870763)"
    Date:         Tue, 14 Dec 2004 13:26:45 -0500
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Microsoft Security Bulletin MS04-044:
    Vulnerabilities in Windows Kernel and LSASS Could Allow Elevation of Privilege (885835)

    Bulletin URL:
    <http://www.microsoft.com/technet/security/bulletin/MS04-044.mspx>

    Version Number: 1.0
    Issued Date: Tuesday, December 14, 2004
    Impact of Vulnerability: Elevation of Privilege
    Maximum Severity Rating: Important
    Patch(es) Replaced: This bulletin replaces several prior security updates. See the frequently asked questions (FAQ) section of this bulletin for the complete list.
    Caveats: Microsoft Knowledge Base Article 885835 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues. For more information, see Microsoft Knowledge Base Article 885835.

    Tested Software:
    Affected Software:
    ------------------
    * Microsoft Windows NT Server 4.0 Service Pack 6a
    <http://tinyurl.com/6gyfo>
    * Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
    <http://tinyurl.com/6yfy7>
    * Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4
    <http://tinyurl.com/3nsfp>
    * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2
    <http://tinyurl.com/4kybq>
    * Microsoft Windows XP 64-Bit Edition Service Pack 1
    <http://tinyurl.com/5uqmb>
    * Microsoft Windows XP 64-Bit Edition Version 2003
    <http://tinyurl.com/5ykqa>
    * Microsoft Windows Server 2003
    <http://tinyurl.com/6qwzc>
    * Microsoft Windows Server 2003 64-Bit Edition
    <http://tinyurl.com/5ykqa>

    Technical Description:
    ----------------------
    * Windows Kernel Vulnerability - CAN-2004-0893: A privilege elevation vulnerability exists in the way that the Windows Kernel launches applications. This vulnerability could allow a logged on user to take complete control of the system.

    * LSASS Vulnerability - CAN-2004-0894: A privilege elevation vulnerability exists in the way that the LSASS validates identity tokens. This vulnerability could allow a logged on user to take complete control of the system.

    This email is sent to NTBugtraq automagically as a service to my subscribers. (v4.01.1796.25439)

    Cheers,
    Russ - Senior Scientist - TruSecure Corporation/NTBugtraq Editor

    --
    Editor's Note: The 43rd Most Powerful Person in Networking says...
    Register today to take the TruSecure ICSA exam by 12/31/04  at
    <http://www.2test.com> ,  use promo code "CT1204" and you will pay just
    $221.25 US Dollars for domestic exam delivery and  $296.25 US Dollars
    for international delivery.
    Visit <https://ticsa.trusecure.com>  for complete details regarding the
    TICSA credential and to take the free sample exam.
    --
    

  • Next message: Russ Cooper: "Alert: Microsoft Security Bulletin MS04-045 - Vulnerability in WINS Could Allow Remote Code Execution (870763)"

    Relevant Pages

    • SecurityFocus Microsoft Newsletter #228
      ... RaidenHTTPD Remote File Disclosure Vulnerability ... Microsoft Outlook Web Access Login Form Remote URI Redirecti... ... Microsoft Windows Hyperlink Object Library Buffer Overflow V... ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #138
      ... Nessus LibNASL Arbitrary Code Execution Vulnerability ... Blackmoon FTP Server Username Information Disclosure... ... Microsoft Windows Media Player Automatic File Download and... ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #177
      ... RobotFTP Server Username Buffer Overflow Vulnerability ... Ipswitch IMail Server Remote LDAP Daemon Buffer Overflow Vul... ... Microsoft Windows XP Help And Support Center Interface Spoof... ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #158
      ... Gamespy 3d IRC Client Remote Buffer Overflow Vulnerability ... Microsoft Windows PostThreadMessage() Arbitrary Process Kill... ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #124
      ... Bladeenc Signed Integer Memory Corruption Vulnerability ... Opera JavaScript Console Attribute Injection Vulnerability ... Microsoft Windows 2000 NetBIOS Continuation Packets Kernel... ...
      (Focus-Microsoft)