Privilege Escalation Vulnerability in Virtual PC and Virtual Server - MS09-033ID: oval:org.secpod.oval:def:2639 | Date: (C)2011-10-31 (M)2022-10-10 |
Class: PATCH | Family: windows |
The host is missing an important security update according to Microsoft security bulletin, MS09-033. The update is required to fix privilege escalation vulnerability. A flaw is present in the Microsoft Virtual PC and Microsoft Virtual Server, which fails to validate privilege levels when executing specific instructions in the Virtual Machine Monitor. Successful exploitation allows an attacker to execute code with elevated privilege or gain the same user rights as the local user.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Vista |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Product: |
Microsoft Virtual Server 2005 |
Microsoft Virtual PC 2004 |
Microsoft Virtual PC 2007 |