(MS11-080) Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2592799)

  Severity: HIGH
  CVE Identifier: CVE-2011-2005
  Advisory Date: OCT 13, 2011

  DESCRIPTION

This update resolves a privately reported vulnerability in the Microsoft Windows Ancillary Function Driver (AFD). The vulnerability could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerability.

  TREND MICRO PROTECTION INFORMATION


  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Windows XP Service Pack 3
  • Windows XP Professional x64 Edition Service Pack 2
  • Windows Server 2003 Service Pack 2
  • Windows Server 2003 x64 Edition Service Pack 2
  • Windows Server 2003 with SP2 for Itanium-based Systems