Privilege escalation in Windows Server and Windows

#VU1341 Privilege escalation in Windows Server and Windows

Published: 2016-12-16 | Updated: 2017-03-16

Vulnerability identifier: #VU1341

Vulnerability risk: Low

CVSSv3.1: 7.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2009-1126

CWE-ID: CWE-233

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Windows Server
Operating systems & Components / Operating system
Windows
Operating systems & Components / Operating system

Vendor: Microsoft

Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to improper validation of user-mode input. By running a malicious application, a local attacker can edit an unspecified desktop parameter and execute arbitrary code in kernel mode.

Successful exploitation of the vulnerability results in privilege escalation allowing to execute arbitrary code and take complete control of an affected system.

Mitigation
Install update from vendor's website:

Microsoft Windows 2000 Service Pack 4:
https://www.microsoft.com/downloads/details.aspx?familyid=79b0481d-a3d7-477b-928a-a98cc79374af
http://go.microsoft.com/fwlink/?LinkId=132503
Windows XP Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=6349e046-a3f8-4ae5-b8c3-c9879cc99e8f
http://go.microsoft.com/fwlink/?LinkId=132503
Windows XP Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=6349e046-a3f8-4ae5-b8c3-c9879cc99e8f
http://go.microsoft.com/fwlink/?LinkId=132503
Windows XP Professional x64 Edition Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=3769800e-af93-4a44-8a1e-b30cc54b226f
http://go.microsoft.com/fwlink/?LinkId=132503
Windows Server 2003 Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=9356404c-d89a-4de0-b9b4-f6e1bdadf745
http://go.microsoft.com/fwlink/?LinkId=132503
Windows Server 2003 x64 Edition Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=5a3123af-173d-49eb-9997-14e82e764aee
http://go.microsoft.com/fwlink/?LinkId=132503
Windows Server 2003 with SP2 for Itanium-based Systems:
https://www.microsoft.com/downloads/details.aspx?familyid=13b50993-410f-4e7a-a33a-6d9b48dbb4d1
http://go.microsoft.com/fwlink/?LinkId=132503

Vulnerable software versions

Windows Server: 2003

Windows: 2000, XP

External links
http://technet.microsoft.com/en-us/library/security/ms09-025.aspx

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Multiple priviledge escalation vulnerabilities in Microsoft Windows