Reported April 12, 2005 by Microsoft
VERSIONS AFFECTED
Windows Server 2003
|
DESCRIPTION
The specified Windows
platforms contain three vulnerabilities that could lead to privilege
elevation and one vulnerability that could lead to denial of service
conditions on affected systems. The privilege
elevation issues are due to the way Windows processes certain fonts and
access requests. The nature of denial of service condition was not
explained by Microsoft in any amount of detail that could reveal what
might cause the problem.
VENDOR RESPONSE
Microsoft has issued a
patch, "Vulnerabilities
in Windows Kernel Could Allow Elevation of Privilege and Denial of
Service (890859)," to correct these problems.
CREDITS:
John Heasman with Next
Generation Security Software Ltd.
Sanjeev Radhakrishnan, Amit Joshi, and Ananta Iyengar with GreenBorder
Technologies
David Fritz