(MS09-041) Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657)
Severity: HIGH
CVE Identifier: CVE-2009-1544
Advisory Date: APR 05, 2012
DESCRIPTION
This elevation of privilege vulnerability in the Windows Worstation Service is due to a possible "Double Free" condition occurring in the service.
Successful exploitation of this vulnerability enables an unauthorized user to execute arbitrary code on the affected system with elevated privileges. This means that the unauthorized user install programs; view, change, or delete data; or create new accounts with full user rights.
TREND MICRO PROTECTION INFORMATION
Trend Micro Deep Security shields the following vulnerabilities using the specified rules. Trend Micro customers using OfficeScan with the Intrusion Defense Firewall plugin are also protected from attacks using these vulnerabilities.
Microsoft Bulletin ID | Vulnerability ID | Rule Number & Title | Deep Security Pattern Version | Deep Security Pattern Release Date |
---|---|---|---|---|
MS09-041 | CVE-2009-1544 | 1003676 - Workstation Service Memory Corruption Vulnerability | Aug 12, 2009 |
SOLUTION
AFFECTED SOFTWARE AND VERSION
- Windows Server 2003 Service Pack 2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Server 2003 x64 Edition Service Pack 2
- Windows XP Professional x64 Edition Service Pack 2
- Windows XP Service Pack 2
- Windows XP Service Pack 3
- Windows Server 2008 for 32-bit Systems
- Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows Server 2008 for Itanium-based Systems
- Windows Server 2008 for Itanium-based Systems Service Pack 2
- Windows Server 2008 for x64-based Systems
- Windows Server 2008 for x64-based Systems Service Pack 2
- Windows Vista
- Windows Vista Service Pack 1
- Windows Vista Service Pack 2
- Windows Vista x64 Edition
- Windows Vista x64 Edition Service Pack 1
- Windows Vista x64 Edition Service Pack 2