Microsoft Windows本地权限提升漏洞(CVE-2012-0180)(MS12-034)

2012-05-09T00:00:00
ID SSV:60122
Type seebug
Reporter Root
Modified 2012-05-09T00:00:00

Description

BUGTRAQ ID: 53324 CVE ID: CVE-2012-0180

Microsoft Windows是流行的计算机操作系统。

Windows内核模式驱动程序管理与窗口和消息处理相关的功能的方式中存在一个特权提升漏洞。成功利用此漏洞的攻击者可以运行内核模式中的任意代码。攻击者随后可安装程序;查看、更改或删除数据;或者创建拥有完全管理权限的新帐户。 0 Microsoft Windows Windows XP Service Pack 3 0 Microsoft Windows Windows XP Professional x64 Ed Microsoft Windows Windows XP Professional x64 Ed Microsoft Windows Windows XP 0 Microsoft Windows Windows Vista x64 Edition SP2 Microsoft Windows Windows Vista x64 Edition SP1 Microsoft Windows Windows Vista SP2 Microsoft Windows Windows Vista SP1 Microsoft Windows Windows Server 2008 Standard E Microsoft Windows Windows Server 2008 R2 x64 SP1 Microsoft Windows Windows Server 2008 R2 x64 0 Microsoft Windows Windows Server 2008 R2 Itanium Microsoft Windows Windows Server 2008 R2 Itanium Microsoft Windows Windows Server 2008 for x64-ba Microsoft Windows Windows Server 2008 for x64-ba Microsoft Windows Windows Server 2008 for Itaniu Microsoft Windows Windows Server 2008 for 32-bit Microsoft Windows Windows Server 2008 for 32-bit Microsoft Windows Windows Server 2003 x64 SP2 Microsoft Windows Windows Server 2003 SP2 Microsoft Windows Windows Server 2003 SP1 Microsoft Windows Windows Server 2003 Itanium SP Microsoft Windows Windows 7 for x64-based System Microsoft Windows Windows 7 for x64-based System Microsoft Windows Windows 7 for 32-bit Systems S Microsoft Windows Windows 7 for 32-bit Systems 0 厂商补丁:

Microsoft

Microsoft已经为此发布了一个安全公告(MS12-034)以及相应补丁:

MS12-034:Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578)

链接:http://www.microsoft.com/technet/security/bulletin/MS12-034.asp