Microsoft Virtual PC和Virtual Server本地权限提升漏洞（MS09-033）

BUGTRAQ ID: 35601 CVECAN ID: CVE-2009-1542 Microsoft Virtual PC和Virtual Server都是流行的虚拟机工具，允许在同一台计算机上运行多个操作系统。 Virtual PC和Virtual Server在Virtual Machine Monitor中执行特定指令时没有正确地验证权限级别，可能允许攻击者在承载的Guest操作系统中以提升的权限执行代码。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。 Microsoft Virtual PC 2007 SP1 Microsoft Virtual...

MS09-033: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (969856)

The remote host is running a version of Virtual PC or Virtual Server that incorrectly validates privilege levels when executing specific instructions in the Virtual Machine Monitor. An attacker who has logged in to a guest operating system running under the affected software can leverage this iss...