MS10-068: Vulnerability in Local Security Authority Subsystem Service could allow elevation of privilege

2017-01-07T23:38:11
ID KB983539
Type mskb
Reporter Microsoft
Modified 2019-11-06T02:22:28

Description

<html><body><p>Resolves a vulnerability in Active Directory directory service, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) that could allow elevation of privilege if an authenticated attacker sent a specially crafted LDAP messages to a listening LSASS server.</p><h2>INTRODUCTION</h2><div class="kb-summary-section section">Microsoft has released security bulletin MS10-068. To view the complete security bulletin, visit one of the following Microsoft websites:<br/><ul class="sbody-free_list"><li>Home users:<br/><div class="indent"><a href="http://www.microsoft.com/security/updates/bulletins/201009.aspx" id="kb-link-1" target="_self">http://www.microsoft.com/security/updates/bulletins/201009.aspx</a></div><span class="text-base">Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now:<br/><div class="indent"><a href="http://update.microsoft.com/microsoftupdate/" id="kb-link-2" target="_self">http://update.microsoft.com/microsoftupdate/</a></div></li><li>IT professionals:<br/><div class="indent"><a href="http://www.microsoft.com/technet/security/bulletin/ms10-068.mspx" id="kb-link-3" target="_self">http://www.microsoft.com/technet/security/bulletin/MS10-068.mspx</a></div></li></ul><span><h3 class="sbody-h3">How to obtain help and support for this security update</h3> <br/>Help installing updates: <br/><a href="https://support.microsoft.com/ph/6527" id="kb-link-4" target="_self">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals: <br/><a href="http://technet.microsoft.com/security/bb980617.aspx" id="kb-link-5" target="_self">TechNet Security Troubleshooting and Support</a><br/><br/>Help protect your computer that is running Windows from viruses and malware:<br/><a href="https://support.microsoft.com/contactus/cu_sc_virsec_master" id="kb-link-6" target="_self">Virus Solution and Security Center</a><br/><br/>Local support according to your country: <br/><a href="https://support.microsoft.com/common/international.aspx" id="kb-link-7" target="_self">International Support</a><br/><br/></span></div><h2>More Information</h2><div class="kb-moreinformation-section section"><h3 class="sbody-h3">Known issues and additional information about this security update</h3> <br/><br/> The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed below each article link.<br/> <br/><br/><br/><ul class="sbody-free_list"><li><a href="https://support.microsoft.com/en-us/help/981550" id="kb-link-8">981550 </a> MS10-068: Description of the security update for Active Directory: September 2010 <br/></li><li><a href="https://support.microsoft.com/en-us/help/982000" id="kb-link-9">982000 </a> MS10-068: Description of the security update for Active Directory Application Mode (ADAM): September 2010 <br/></li></ul></div></body></html>