TITLE:
Microsoft Virtual PC / Virtual Server Privilege Escalation Vulnerability

SECUNIA ADVISORY ID:
SA26444

VERIFY ADVISORY:
http://secunia.com/advisories/26444/

CRITICAL:
Less critical

IMPACT:
Privilege escalation

WHERE:
Local system

SOFTWARE:
Microsoft Virtual PC 2004
http://secunia.com/product/5079/
Microsoft Virtual PC for Mac 6.x
http://secunia.com/product/2997/
Microsoft Virtual PC for Mac 7.x
http://secunia.com/product/15304/
Microsoft Virtual Server 2005
http://secunia.com/product/4643/

DESCRIPTION:
A vulnerability has been reported in Microsoft Virtual PC and Virtual
Server, which can be exploited by malicious, local users to gain
escalated privileges.

The vulnerability is caused due to an error within certain components
that communicate with the host OS and can be exploited to cause a
heap-based buffer overflow.

Successful exploitation allows an administrative user on a guest OS
to e.g. execute arbitrary code on the host OS or other guest OS's.

SOLUTION:
Apply patches.

Microsoft Virtual PC 2004:
http://www.microsoft.com/downloads/details.aspx?FamilyId=E2C72AAB-00DE-47C9-8ECB-09261C4B7DEB

Microsoft Virtual PC 2004 Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=2BDA2B8B-9C1C-4BF8-9A65-491092276E7A

Microsoft Virtual Server 2005 Standard Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=F9EC76CD-0607-4394-BC49-35E95D02DA51

Microsoft Virtual Server 2005 Enterprise Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=A35E556C-2F7B-4B72-9662-AE7286573C3F

Microsoft Virtual Server 2005 R2 Standard Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=D44B8669-A4FB-4CBA-B130-E1BC08B10C6F

Microsoft Virtual Server 2005 R2 Enterprise Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=84CA3BA9-6575-4C5B-8F8E-4E4A635A4705

Microsoft Virtual PC for Mac Version 6.1/7.0:
http://www.microsoft.com/mac/downloads.aspx#VPC

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Rafal Wojtczuk, McAfee Avert Labs.

ORIGINAL ADVISORY:
MS07-049 (KB937986):
http://www.microsoft.com/technet/security/Bulletin/MS07-049.mspx