MS Windows Remote Access Service NDISTAPI Driver Privilege Elevation Vulnerability (2566454) Network Vulnerability

Summary

This host is missing an important security update according to Microsoft Bulletin MS11-062.

Impact

Successful exploitation could allow remote attacker to execute arbitrary code with kernel privileges via a specially crafted application. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms11-062.mspx

Insight

The flaws are due to an input validation error in the Remote Access Service NDISTAPI driver (NDISTAPI.sys) when passing certain user-mode input to the kernel.

Affected

Microsoft Windows XP Service Pack 3 and prior. Microsoft Windows 2003 Service Pack 2 and prior.

References

http://secunia.com/advisories/45408
http://support.microsoft.com/kb/2566454
http://www.microsoft.com/technet/security/bulletin/ms11-062.mspx

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1974

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Cumulative Security Update for Internet Explorer (931768)
Microsoft Distributed File System Remote Code Execution Vulnerabilities (2535512)
Host Integration Server RPC Service Remote Code Execution Vulnerability (956695)
Microsoft Wireless LAN AutoConfig Service Remote Code Execution Vulnerability (970710)
Microsoft .NET Framework and Microsoft Silverlight Remote Code Execution Vulnerabilities (2651026)

Take action and discover your vulnerabilities