Content
(MS09-058) Windows Kernel Integer Underflow Vulnerability (971486)
- Type
- Logic error
- Impact of exploitation
- Privilege Escalation
- User Interaction
- user interaction is needed
- Attack Vector
- Authenticated locally logged on user with limited privileges
- Rating
- Low
- CVE reference
- CVE-2009-2515,
- Vendor Status
- Responded and patched
- Vulnerable systems
- Windows 2000 SP4,
- Windows XP SP3,
- Windows XP X64 Professional,
- Windows Server 2003 2003 SP2,
- Windows 2003 x64 SP2,
- Windows Server 2003 Itanium SP2,
- Windows Vista SP2,
- Windows Vista Any Version X64,
- Windows Server 2008 RTM,
- Summary
- A vulnerability in the Windows Kernel may allow for local privilege elevation attacks.
Tab Navigation
Description
A vulnerability in the Windows Kernel may allow for local privilege elevation attacks. Successful exploitation of this vulnerability could allow an attacker to run arbitrary code in kernel mode. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
McAfee Product Mitigation & Recommendations
Recommendations
The vendor has released a patch to address this issue: http://www.microsoft.com/technet/security/bulletin/ms09-058.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS09-058) Windows Kernel Integer Underflow Vulnerability (971486)
- Signature identifier:
- 7203
- Release date:
- 10/13/2009
McAfee Intrushield
McAfee Host IPS
- Signature:
- (MS09-058) Windows Kernel Integer Underflow Vulnerability (971486)
- Signature identifier:
- 7203
- Release date:
- 10/14/2009
McAfee VirusScan Enterprise 8.0i (VSE8.0i) / Managed Virus Scan (MVS) Buffer Overflow Protection
McAfee VirusScan Enterprise 8.5i (VSE8.5i) /Total Protection for Small Business (ToPS SB) Buffer Overflow Protection
The V-Flash of October 14th will contain remedies for this issue.
- Signature:
- Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486)
- Signature identifier:
- 98944
- Release date:
- 10/14/2009
Additional Resources
(MS09-058) Windows Kernel Integer Underflow Vulnerability (971486)
http://www.microsoft.com/technet/security/bulletin/ms09-058.mspx
All Information
Timeline -
10/13/2009
Vendor has provided a patch.
Description -
A vulnerability in the Windows Kernel may allow for local privilege elevation attacks. Successful exploitation of this vulnerability could allow an attacker to run arbitrary code in kernel mode. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
McAfee Product Mitigation & Recommendations
Recommendations -
The vendor has released a patch to address this issue: http://www.microsoft.com/technet/security/bulletin/ms09-058.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS09-058) Windows Kernel Integer Underflow Vulnerability (971486)
- Signature identifier:
- 7203
- Release date:
- 10/13/2009
McAfee Intrushield
McAfee Host IPS
- Signature:
- (MS09-058) Windows Kernel Integer Underflow Vulnerability (971486)
- Signature identifier:
- 7203
- Release date:
- 10/14/2009
McAfee VirusScan Enterprise 8.0i (VSE8.0i) / Managed Virus Scan (MVS) Buffer Overflow Protection
McAfee VirusScan Enterprise 8.5i (VSE8.5i) /Total Protection for Small Business (ToPS SB) Buffer Overflow Protection
The V-Flash of October 14th will contain remedies for this issue.
- Signature:
- Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486)
- Signature identifier:
- 98944
- Release date:
- 10/14/2009
Additional Resources
Additional Resources -
(MS09-058) Windows Kernel Integer Underflow Vulnerability (971486)
http://www.microsoft.com/technet/security/bulletin/ms09-058.mspx
