Security-Alerts mailing list archive (security-alerts@yandex-team.ru)


[security-alerts] >>: [SA23308] Microsoft Windows File Manifest Privilege Escalation Vulnerability



TITLE:
Microsoft Windows File Manifest Privilege Escalation Vulnerability

SECUNIA ADVISORY ID:
SA23308

VERIFY ADVISORY:
http://secunia.com/advisories/23308/

CRITICAL:
Less critical

IMPACT:
Privilege escalation

WHERE:
Local system

OPERATING SYSTEM:
Microsoft Windows Server 2003 Datacenter Edition
http://secunia.com/product/1175/
Microsoft Windows Server 2003 Enterprise Edition
http://secunia.com/product/1174/
Microsoft Windows Server 2003 Standard Edition
http://secunia.com/product/1173/
Microsoft Windows Server 2003 Web Edition
http://secunia.com/product/1176/
Microsoft Windows XP Home Edition
http://secunia.com/product/16/
Microsoft Windows XP Professional
http://secunia.com/product/22/

DESCRIPTION:
A vulnerability has been reported in Microsoft Windows, which can be
exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused due to an error in the Client-Server
Run-time Subsystem when processing file manifests and can be
exploited by starting up an application with a specially crafted file
manifest.

Successful exploitation allows execution of arbitrary code with
escalated privileges.

SOLUTION:
Apply patches.

Microsoft Windows XP SP2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=966704b5-1a7e-4110-9694-844706a52db7

Microsoft Windows Server 2003:
http://www.microsoft.com/downloads/details.aspx?FamilyId=5ea314a2-d76a-46f9-853b-15ff03f8ad95

Microsoft Windows Server 2003 for Itanium-based systems:
http://www.microsoft.com/downloads/details.aspx?FamilyId=7bceaa11-f655-4e3c-a588-5c49097e970b

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
MS06-075 (KB926255):
http://www.microsoft.com/technet/security/Bulletin/MS06-075.mspx





 



