Summary
This host is missing a critical security update according to Microsoft Bulletin MS07-021.
Impact
Successful exploitation allows remote attackers to execute arbitrary code with SYSTEM privileges by establishing and closing multiple connections to the subsystem's ApiPort.
Impact Level: System/Application
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms07-021.mspx
Insight
The flaw is due to
- A double-free error in the Client/Server Run-time Subsystem (CSRSS) within 'WINSRV.DLL' when handling HardError messages.
- Incorrect marshaling of system resources in the Client/Server Run-time Subsystem (CSRSS) when handling connections during the startup and stopping of processes.
Affected
Microsoft Windows XP Service Pack 2 and prior.
Microsoft Windows 2000 ervice Pack 4 and prior.
Microsoft Windows 2K3 Service Pack 2 and prior.
Microsoft Windows Vista
References
Severity
Classification
-
CVE CVE-2006-6696, CVE-2007-1209 -
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Microsoft IE Developer Tools WMITools and Windows Messenger ActiveX Control Vulnerability (2508272)
- Microsoft .NET Framework Multiple Vulnerabilities (2916607)
- Microsoft Forefront Protection For Exchange RCE Vulnerability (2927022)
- Buffer Overrun In HTML Converter Could Allow Code Execution (823559)
- Microsoft Active Directory Denial of Service Vulnerability (953235)