In association with heise online

23 October 2007, 09:40

Windows privilege escalation vulnerability due to faulty driver

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

A faulty driver in Windows XP SP2 and Windows Server 2003 SP1 allows users with restricted access privileges to gain system privileges. The vulnerability is caused by a buffer overflow in the secdrv.sys driver which, according to Symantec, is a component of Macrovision's SafeDisc copy protection. The file is shipped with Windows. Using specially crafted parameters an attacker can inject malicious code into memory and start with system privileges.

According to Symantec, the vulnerability is already being exploited, although attackers need to have direct access to a system. Microsoft has apparently already been informed about the problem, but no patch has so far become available. Although Symantec has not released any details about the vulnerability there are several blogs which discuss the flaw and also offer an exploit demonstrating the vulnerability.

Home users are generally less affected by privilege escalation vulnerabilities since they usually have full system privileges anyway. For corporate system administrators, however, Symantec recommends restricting access to systems and services for all accounts except those with administrator privileges. Presently, Vista does not seem to be affected by the problem.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit