Vulnerabilities in Windows Could Allow Elevation of Privilege
Description:This security update resolves four publicly disclosed vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker is allowed to log on to the system and then run a specially crafted application. The attacker must be able to run code on the local machine in order to exploit this vulnerability. An attacker who successfully exploited any of these vulnerabilities could take complete control over the affected system. The security update addresses the vulnerabilities by correcting the way that Microsoft Windows addresses tokens requested by the Microsoft Distributed Transaction Coordinator (MSDTC), and by properly isolating WMI providers and processes that run under the NetworkService or LocalService accounts.
Update type: Important
Release date: April 14, 2009
Applies to: All versions
Knowledge base: http://support.microsoft.com/kb/959454
Download link: 32-bit | 64-bit
Comments:There are different downloads if you are running the beta of SP2.
Here are the specifics on the vulnerabilities covered by this update:
- Windows MSDTC Service Isolation Vulnerability – CVE-2008-1436
- Windows WMI Service Isolation Vulnerability – CVE-2009-0078
- Windows RPCSS Service Isolation Vulnerability – CVE-2009-0079
- Windows Thread Pool ACL Weakness Vulnerability – CVE-2009-0080
For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB959454.