ITsVISTA
Information that makes life easier when it comes to installing, managing, and using Windows Vista.

ITsVISTA KB-Link: KB930178

MS07-021: Vulnerability in Windows CSRSS could allow remote code execution

Description: This update resolves several newly discovered, privately and publicly disclosed vulnerabilities. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Update type: Critical

Release date: April 10, 2007

Applies to: All versions

Knowledge base: support.microsoft.com/kb/930178

Download link: 32-bit | 64-bit

Comments: Fixes three Vista vulnerabilities:

  • MsgBox (CSRSS) Remote Code Execution Vulnerability - CVE-2006-6696: (Critical) “A remote code execution vulnerability exists in the Windows Client/Server Run-time Subsystem (CSRSS) process because of the way that it handles error messages. An attacker could exploit the vulnerability by constructing a specially crafted application that could potentially allow remote code execution.

    Additionally, if a user viewed a specially crafted Web site, an attacker who successfully exploited this vulnerability could take complete control of an affected system.”

  • CSRSS Local Elevation of Privilege Vulnerability - CVE-2007-1209: (Important) “A privilege elevation vulnerability exists in the way that the Windows 32 Client/Server Run-time Subsystem (CSRSS) handles its connections during the startup and stopping of processes.”
  • CSRSS DoS Vulnerability - CVE-2006-6797: (Low) “A denial of service vulnerability exists in the Client/Server Run-time Subsystem (CSRSS) service because of the way it handles error messages. An attacker could exploit the vulnerability by running a specially crafted application causing the system to restart.”

KB930178

There is a download that resolves this issue. See Hotfixes for details. This issue is resolved in SP1.

For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB930178.
