Skip Ribbon Commands
Skip to main content
Mauritian National Computer Security Incident Response Team (CERT-MU)

CERT-MU AD-2012-26

Microsoft Windows Multiple Vulnerabilities
Original issue date: May 08, 2012
Updated: May 28, 2012
Severity Rating: High
Overview

Multiple vulnerabilities have been identified in Microsoft Windows and they can be exploited by remote attackers to gain escalated privileges by causing execution of arbitrary code, by pass security restrictions. An update has been released to address these issues.
Description
Multiple remote code execution vulnerabilities were identified in several Cisco products. These vulnerabilities exist in Cisco Unified Service Monitor and Cisco Unified Operations Manager software and CiscoWorks LAN Management Solution software.
1.     The first vulnerability occurs because of a local privilege-escalation vulnerability that occurs in the Windows Partition Manager ‘partmgr.sys’. This vulnerability can be exploited by a remote attacker to cause execution of arbitrary code with kernel-level privileges. Successful exploits will allow remote attackers to take full control of the affected systems.
2.     Microsoft Windows is vulnerable to another error that affects the TCP/IP stack component ‘tcpip.sys’. This can be exploited by remote attackers to gain elevated privileges by causing execution of arbitrary code in the context of another process. Unsuccessful exploit attempts can cause a denial of service condition.
3.     A security-bypass vulnerability occurs in Microsoft Windows and this can be exploited by remote attackers to bypass firewall restrictions of the system and conduct further attacks.
An update has been released to address these vulnerabilities
 
Affected Systems
  • Microsoft Windows Vista x64 Edition SP2
  • Microsoft Windows Vista x64 Edition SP1
  • Microsoft Windows Vista x64 Edition 0
  • Microsoft Windows Vista SP2
  • Microsoft Windows Vista SP1
  • Microsoft Windows Server 2008 R2 x64 SP1>
  • Microsoft Windows Server 2008 R2 x64 0
  • Microsoft Windows Server 2008 R2 Itanium SP1
  • Microsoft Windows Server 2008 R2 Itanium 0
  • Microsoft Windows Server 2008 for x64-based Systems SP2
  • Microsoft Windows Server 2008 for x64-based Systems 0
  • Microsoft Windows Server 2008 for 32-bit Systems SP2
  • Microsoft Windows Server 2008 for 32-bit Systems 0
  • Microsoft Windows 7 for x64-based Systems SP1
  • Microsoft Windows 7 for x64-based Systems 0
  • Microsoft Windows 7 for 32-bit Systems SP1
  • Microsoft Windows 7 for 32-bit Systems 0
  • Avaya Aura Conferencing Standard
  • Avaya Aura Conferencing 6.0 Standard
  • Avaya Aura Conferencing 6.0 SP1 Standard
  • Avaya Aura Conferencing 6.0
 
CVE Information
Solution
Users are advised to apply updates.
More information about the updates is available on:
References
Security Focus
Microsoft Security Bulletin
Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
E-mail:


Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis