vulnerability CVE-2010-0023

Windows 2000, 2003, XP: privileges elevation via CSRSS

Synthesis of the vulnerability

A local attacker can execute a process which keeps executing after his logout, and captures data of next users connecting to the system.

Severity: 2/4. Creation date: 10/02/2010.

Description of the vulnerability

The CSRSS (Windows Client/Server Run-time Subsystem) manages users treads and processes. When a user logouts, CSRSS should end his processes. However, this is not the case. A local attacker can therefore execute a process which keeps executing after his logout, and captures data of next users connecting to the system.

Complete Vigil@nce bulletin

Access to the complete Vigil@nce bulletin

Characteristics

Title: Windows 2000, 2003, XP: privileges elevation via CSRSS. Keywords: 2000 2003 CSRSS Client Run-time Server Subsystem Windows elevation privileges. Identifiers: 978037, CVE-2010-0023, MS10-011, VIGILANCE-VUL-9435.

Information sources

Publications and announces Source example: MS10-011 - Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (978037)

Solutions for this vulnerability

Patch or workaround

Computer vulnerabilities tracking service

The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Technology watch team on vulnerabilities