[SECURITY-L] CAIS-Alerta: Vulnerabilidade no Kernel do Microsoft Windows (MS08-025)
CSIRT - UNICAMP
security em unicamp.br
Qua Abr 9 09:20:05 -03 2008
----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca <cais em cais.rnp.br> -----
From: Centro de Atendimento a Incidentes de Seguranca <cais em cais.rnp.br>
Subject: CAIS-Alerta: Vulnerabilidade no Kernel do Microsoft Windows (MS08-025)
To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br
Date: Tue, 8 Apr 2008 17:19:54 -0300 (BRT)
-----BEGIN PGP SIGNED MESSAGE-----
Prezados,
O CAIS esta' repassando o alerta da Microsoft, intitulado "MS08-025 -
Vulnerability in Windows Kernel Could Allow Elevation of Privilege
(941693)", que trata de uma vulnerabilidade no Kernel do Microsoft
Windows.
A vulnerabilidade de elevacao de privilegios existe devido `a maneira
impropria como o Microsoft Windows valida entradas passadas do modo
usuario para o Kernel.
Caso um atacante consiga explorar com sucesso esta vulnerabilidade, ele
podera obter o controle total sobre o sistema afetado.
Sistemas afetados:
. Microsoft Windows 2000 Service Pack 4
. Windows XP Service Pack 2
. Windows XP Professional x64 Edition
. Windows XP Professional x64 Edition Service Pack 2
. Windows Server 2003 Service Pack 1
. Windows Server 2003 Service Pack 2
. Windows Server 2003 x64 Edition
. Windows Server 2003 x64 Edition Service Pack 2
. Windows Server 2003 com SP1 para Sistemas baseados em Itanium
. Windows Server 2003 com SP2 para Sistemas baseados em Itanium
. Windows Vista
. Windows Vista Service Pack 1
. Windows Vista x64 Edition
. Windows Vista x64 Edition Service Pack 1
. Windows Server 2008 para Sistemas 32-bit
. Windows Server 2008 para Sistemas baseados em x64
. Windows Server 2008 para Sistemas baseados em Itanium
Correcoes disponiveis:
Recomenda-se fazer a atualizacao para as versoes disponiveis em :
. Microsoft Windows 2000 Service Pack 4
http://www.microsoft.com/downloads/details.aspx?familyid=8db9f328-da0e-4fb8-96c4-6d368b47c224
. Windows XP Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=0e937f65-abd0-46dd-8883-5bfd70ea1178
. Windows XP Professional x64 Edition
http://www.microsoft.com/downloads/details.aspx?familyid=a29bbd13-761f-44fa-8948-e1a8c244bd7a
. Windows XP Professional x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=a29bbd13-761f-44fa-8948-e1a8c244bd7a
. Windows Server 2003 Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=d3b855a6-4648-4771-826d-11a151828eac
. Windows Server 2003 Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=d3b855a6-4648-4771-826d-11a151828eac
. Windows Server 2003 x64 Edition
http://www.microsoft.com/downloads/details.aspx?familyid=320fd100-35e1-4345-9399-796393235cbc
. Windows Server 2003 x64 Edition Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=320fd100-35e1-4345-9399-796393235cbc
. Windows Server 2003 com SP1 para Sistemas baseados em Itanium
http://www.microsoft.com/downloads/details.aspx?familyid=126426a7-be38-4327-89db-02d99d76589d
. Windows Server 2003 com SP2 para Sistemas baseados em Itanium
http://www.microsoft.com/downloads/details.aspx?familyid=126426a7-be38-4327-89db-02d99d76589d
. Windows Vista
http://www.microsoft.com/downloads/details.aspx?familyid=9640cd8b-d749-4ddd-8af9-b298cebed969
. Windows Vista Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=9640cd8b-d749-4ddd-8af9-b298cebed969
. Windows Vista x64 Edition
http://www.microsoft.com/downloads/details.aspx?familyid=d56bb4fe-304e-45e0-95f2-fde2f47b2a04
. Windows Vista x64 Edition Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=d56bb4fe-304e-45e0-95f2-fde2f47b2a04
. Windows Server 2008 para Sistemas 32-bit
http://www.microsoft.com/downloads/details.aspx?familyid=4497333c-9418-4b91-83dc-0155735421c0
. Windows Server 2008 para Sistemas baseados em x64
http://www.microsoft.com/downloads/details.aspx?familyid=5aefc7a6-79a4-45a2-b534-35d0ec400dda
. Windows Server 2008 para Sistemas baseados em Itanium
http://www.microsoft.com/downloads/details.aspx?familyid=3080c26b-7456-41ef-8668-28f15bc7b8ce
Mais informacoes:
. MS08-025: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)
http://www.microsoft.com/technet/security/Bulletin/MS08-025.mspx
. Microsoft Brasil Security
http://www.microsoft.com/brasil/security
. SANS ISC Handler's Diary 2008-04-08: April 2008 - Black Tuesday Overview
http://www.isc.sans.org/diary.html?storyid=4264
. Technet Brasil - Central de Seguranca
http://www.technetbrasil.com.br/seguranca
. Windows Live OneCare
http://safety.live.com/site/pt-BR/default.htm
Identificador CVE (http://cve.mitre.org): CVE-2008-1084
O CAIS recomenda que os administradores mantenham seus sistemas e
aplicativos sempre atualizados, de acordo com as ultimas versoes e
correcoes oferecidas pelos fabricantes.
Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF:
http://www.rnp.br/cais/alertas/rss.xml
Atenciosamente,
################################################################
# CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) #
# Rede Nacional de Ensino e Pesquisa (RNP) #
# #
# cais em cais.rnp.br http://www.cais.rnp.br #
# Tel. 019-37873300 Fax. 019-37873301 #
# Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key #
################################################################
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Made with pgp4pine 1.76
iQCVAwUBR/vTdOkli63F4U8VAQESswP/UN/stGp7rtQ6kSXwc5PRtdfWnzix2M/M
3/LkDIard/0cjBfATfTwxYm2apuvRupvPf9EuQqfROgspQuxkAKBbixhP7GCZTWJ
22/8VMKYqbEDaKsvQ2YYD8TuHIZk77vW/2u8XvBjSLNwzTyptAiPTxFP/gcpwDV2
ZwUXTaTghv0=
=ieqr
-----END PGP SIGNATURE-----
----- End forwarded message -----
Mais detalhes sobre a lista de discussão SECURITY-L