MS11-010 - Important: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevatio

Discussion in 'Security Alerts' started by News, Feb 9, 2011.

  1. News

    News Extraordinary Robot
    News Feed

    Jun 27, 2006
    Likes Received:
    Severity Rating: Important - Revision Note: V1.0 (February 8, 2011): Bulletin publishedSummary: This security update resolves a privately reported vulnerability in the Microsoft Windows Client/Server Run-time Subsystem (CSRSS) in Windows XP and Windows Server 2003. This security update is rated Important for all supported editions of these operating systems. For more information, see the subsection, Affected and Non-Affected Software, in this section. The vulnerability could allow elevation of privilege if an attacker logs on to a user's system and starts a specially crafted application that continues running after the attacker logs off in order to obtain the logon credentials of subsequent users. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.


Share This Page