Microsoft WINS Local Elevation of Privilege Vulnerability
RISK: Medium Risk
TYPE: Operating Systems - Windows OS
![TYPE: Windows OS](/f/bulletin_type/100000/37p37/operation-system-windowsos.png)
An elevation of privilege vulnerability exists in WINS, allowing arbitrary code to be executed in the context of the local system. The vulnerability is caused when the WINS server improperly processes a sequence of specially crafted packets received on the loopback interface. A local attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Impact
- Elevation of Privilege
System / Technologies affected
- Windows Server 2003
- Windows Server 2008
- Windows Server 2008 R2
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Download location for patches:
http://technet.microsoft.com/en-us/security/bulletin/MS11-070
Vulnerability Identifier
Source
Related Link
Share with