Content

(MS07-067) Microsoft Windows Macrovision Driver Vulnerability (944653)

Type
Logic error
Impact of exploitation
Privilege Escalation
User Interaction
no user interaction is needed
Attack Vector
Authenticated locally logged on user with limited privileges
Rating
Medium
CVE reference
CVE-2007-5587,
Vendor Status
Responded and patched
Vulnerable systems
Windows Xp  Sp2,
Windows 2003  Sp2,
Summary
A vulnerability in Microsoft Windows XP and 2003 may allow for local privilege escalation attacks.

Tab Navigation

Description

Windows is an industry-standard operating system developed by Microsoft. A vulnerability in Microsoft Windows XP and 2003 may allow for local privilege escalation attacks. The vulnerability is caused due to improper handling of configuration parameters. Malware that exploits the vulnerability has been found in the wild.

McAfee Product Mitigation & Recommendations

Recommendations

Macrovision has patched this flaw. Recommend patching from: http://www.macrovision.com/webdocuments/Downloads/SECDRVSYS.zip Download and install the patch available from Microsoft (944653): http://www.microsoft.com/technet/security/Bulletin/MS07-067.mspx

McAfee Product Mitigation

McAfee Foundstone

This Foundstone vulnerability check can be used to assess if your systems are vulnerable and is expected to accurately identify if a system is vulnerable in many enterprise environments.

Signature:
(MS07-067) Microsoft Windows Macrovision Driver Vulnerability (944653)
Signature identifier:
5550
Release date:
10/30/2007

Additional Resources

Microsoft Security Bulletin: Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege (944653)

http://www.microsoft.com/technet/security/Bulletin/MS07-067.mspx

All Information

Timeline -

12/11/2007

Vendor has provided a patch.

10/31/2007

Malware exploiting this vulnerability has been discovered.

10/17/2007

Technical details have been published.

10/16/2007

Information has been published about the vulnerability.

Description -

Windows is an industry-standard operating system developed by Microsoft. A vulnerability in Microsoft Windows XP and 2003 may allow for local privilege escalation attacks. The vulnerability is caused due to improper handling of configuration parameters. Malware that exploits the vulnerability has been found in the wild.

McAfee Product Mitigation & Recommendations

Recommendations -

Macrovision has patched this flaw. Recommend patching from: http://www.macrovision.com/webdocuments/Downloads/SECDRVSYS.zip Download and install the patch available from Microsoft (944653): http://www.microsoft.com/technet/security/Bulletin/MS07-067.mspx

McAfee Product Mitigation

McAfee Foundstone

This Foundstone vulnerability check can be used to assess if your systems are vulnerable and is expected to accurately identify if a system is vulnerable in many enterprise environments.

Signature:
(MS07-067) Microsoft Windows Macrovision Driver Vulnerability (944653)
Signature identifier:
5550
Release date:
10/30/2007

Additional Resources

Additional Resources -

Microsoft Security Bulletin: Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege (944653)

http://www.microsoft.com/technet/security/Bulletin/MS07-067.mspx