OSVDB ID: 68518

Title: Microsoft Windows on 32-bit Task Scheduler Crafted Application Local Privilege Escalation

Info

Disclosure

Sep 13, 2010

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Oct 12, 2010

Description

Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is caused due to the Windows Task Scheduler failing to properly determine certain scheduled tasks' security context. This may be exploited by malicious, local, context-dependent attackers to gain escalated privileges via a crafted application.

Classification

Location: Local Access Required, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Public
Disclosure: Vendor Verified, Discovered in the Wild

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.

Products

Microsoft Corporation	Windows Vista	SP1
		SP2
		x64 Edition SP1
		x64 Edition SP2
	Windows Server	2008 SP2
		for Itanium-based Systems
		2008
		2008 R2 for x64-based Systems
		2008 R2 for Itandium-based Systems
		for Itanium-based Systems SP2
	Windows 7	All Versions

References

Exploit Database: 15589 19930
CVE ID: 2010-3338 (see also: NVD) 2010-3888 (see also: NVD)
Microsoft Knowledge Base Article: 2305420
Secunia Advisory ID: 41471
SCIP VulDB ID: 4207
Bugtraq ID: 44357
Mail List Post: http://attrition.org/pipermail/vim/2010-November/002482.html
Vendor Specific News/Changelog Entry: http://blogs.technet.com/b/msrc/archive/2010/09/13/september-2010-security-bulletin-release.aspx
Other Advisory URL: http://isc.sans.edu/diary.html?storyid=9988
http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute7.xml
http://www.virusbtn.com/conference/vb2010/abstracts/LastMinute8.xml
News Article: http://www.computerworld.com/s/article/9185919/Is_Stuxnet_the_best_malware_ever_
http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2010/20100716
http://www.eweek.com/c/a/Security/Sophisticated-Stuxnet-Worm-Uses-4-Microsoft-Zeroday-Bugs-629672/
http://www.net-security.org/secworld.php?id=10202
http://www.securelist.com/en/blog/2291/Myrtus_and_Guava_Episode_MS10_061
http://www.symantec.com/connect/blogs/stuxnet-using-three-additional-zero-day-vulnerabilities
Generic Exploit URL: http://www.exploit-db.com/sploits/uacpoc.zip
Microsoft Security Bulletin: MS10-092

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/68518

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Microsoft Corporation

Windows Vista

Windows Server

Windows 7

References

Credit