漏洞信息详情
Microsoft Windows多个内核权限提升漏洞
- CNNVD编号:CNNVD-200810-245
- 危害等级: 高危
- CVE编号: CVE-2008-2252
- 漏洞类型: 权限许可和访问控制问题
- 发布时间: 2008-10-15
- 威胁类型: 本地
- 更新时间: 2019-10-17
- 厂 商: microsoft
- 漏洞来源: Paul CatonThomas G...
漏洞简介
Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。
Windows内核未正确验证新窗口创建过程中所传递的窗口属性,未正确验证某些用户态输出,或可能处于双重释放的状态。成功利用此漏洞的攻击者可以运行任意内核态代码。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Microsoft Windows XP Media Center Edition SP2
Microsoft Security Update for Windows XP (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=7718bf14-c26c -43f3-be67-4c79ab5b2607&displaylang=en
Microsoft Windows Server 2003 Itanium SP1
Microsoft Security Update for Windows Server 2003 for IB Systems (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=1e6c3f81-85bb -48e6-a5af-635a7e540c93
Microsoft Windows Server 2003 Enterprise Edition Itanium SP1
Microsoft Security Update for Windows Server 2003 for IB Systems (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=1e6c3f81-85bb -48e6-a5af-635a7e540c93
Microsoft Windows Server 2003 Datacenter x64 Edition SP2
Microsoft Security Update for Windows Server 2003 x64 Edition (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=57ca28ea-e5e1 -4191-a3d6-84aa90a3d668&displaylang=en
Microsoft Windows XP Tablet PC Edition SP2
Microsoft Security Update for Windows XP (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=7718bf14-c26c -43f3-be67-4c79ab5b2607&displaylang=en
Microsoft Windows Vista Home Premium 64-bit edition SP1
Microsoft Security Update for Windows Vista for x64-based Systems (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=905ab030-14a5 -4a3d-aa11-e8f957f6a1ea
Microsoft Windows XP Media Center Edition SP3
Microsoft Security Update for Windows XP (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=7718bf14-c26c -43f3-be67-4c79ab5b2607&displaylang=en
Microsoft Windows Server 2003 Enterprise Edition Itanium 0
Microsoft Security Update for Windows Server 2003 for IB Systems (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=1e6c3f81-85bb -48e6-a5af-635a7e540c93
Microsoft Windows Server 2003 Web Edition SP2
Microsoft Security Update for Windows Server 2003 (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=6e696762-d652 -4a8f-ab8f-622f9746c320
Microsoft Windows Server 2003 Standard Edition SP1
Microsoft Security Update for Windows Server 2003 (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=6e696762-d652 -4a8f-ab8f-622f9746c320
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Security Update for Windows XP x64 Edition (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=6e696762-d652 -4a8f-ab8f-622f9746c320
Microsoft Windows Vista Ultimate 64-bit edition SP1
Microsoft Security Update for Windows Vista for x64-based Systems (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=905ab030-14a5 -4a3d-aa11-e8f957f6a1ea
Microsoft Windows Server 2003 Standard Edition
Microsoft Security Update for Windows Server 2003 (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=6e696762-d652 -4a8f-ab8f-622f9746c320
Microsoft Windows Server 2003 Enterprise x64 Edition
Microsoft Security Update for Windows Server 2003 x64 Edition (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=57ca28ea-e5e1 -4191-a3d6-84aa90a3d668&displaylang=en
Microsoft Windows XP Tablet PC Edition SP3
Microsoft Security Update for Windows XP (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=7718bf14-c26c -43f3-be67-4c79ab5b2607&displaylang=en
Microsoft Windows Server 2003 Datacenter x64 Edition
Microsoft Security Update for Windows Server 2003 x64 Edition (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=57ca28ea-e5e1 -4191-a3d6-84aa90a3d668&displaylang=en
Microsoft Windows Server 2003 Enterprise Edition SP1
Microsoft Security Update for Windows Server 2003 (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=6e696762-d652 -4a8f-ab8f-622f9746c320
Microsoft Windows Server 2008 for x64-based Systems 0
Microsoft Security Update for Windows Server 2008 x64 Edition (KB954211)
http://www.microsoft.com/downloads/details.aspx?familyid=6e641db2-90c8 -458f-9795-3e46b70a5203&displaylang=en
Microsoft Windows Vista Business SP1
Microsoft Security Update for Windows
参考网址
来源:CERT
链接:http://www.us-cert.gov/cas/techalerts/TA08-288A.HTML
来源:XF
链接:https://exchange.xforce.ibmcloud.com/vulnerabilities/45544
来源:HP
链接:http://marc.info/?l=bugtraq&m=122479227205998&w=2
来源:MS
链接:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-061
来源:XF
链接:https://exchange.xforce.ibmcloud.com/vulnerabilities/45543
来源:BID
链接:https://www.securityfocus.com/bid/31652
来源:SECUNIA
链接:http://secunia.com/advisories/32247
来源:SECTRACK
链接:http://www.securitytracker.com/id?1021046
来源:OVAL
链接:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6045
来源:VUPEN
链接:http://www.vupen.com/english/advisories/2008/2812
来源:BID
链接:http://www.securityfocus.com/bid/31652
受影响实体
- Microsoft Windows_server_2003:Sp2
- Microsoft Windows_server_2003:Sp1:Itanium
- Microsoft Windows_server_2003:Sp1
- Microsoft Windows_server_2003:Sp2:X64
- Microsoft Windows_server_2003:Sp1:X64
补丁
暂无
评论