(MS10-084) Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege (2360937)
Data de publicação: 20 fevereiro 2013
Schweregrad: : Alto
Identificador(es) CVE: : CVE-2010-3222
Data do informe: 20 fevereiro 2013
Descrição
This security update addresses a vulnerability in Microsoft Windows that could allow elevation of privilege if an attacker logs on to an affected system and runs specially crafted code that sends an LPC message to the local LRPC Server. The message could then allow an authenticated user to access resources that are running in the context of the NetworkService account.
Exposição das informações
For information on patches specific to the affected software, please refer to this Microsoft Web page.
Software infectado e versão:
- Windows Server 2003 Service Pack 2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Server 2003 x64 Edition Service Pack 2
- Windows XP Professional x64 Edition Service Pack 2
- Windows XP Service Pack 3