The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when printer sharing is enabled, does not properly validate spooler access permissions, which allows remote malicious users to create files in a system directory, and consequently execute arbitrary code, by sending a crafted print request over RPC, as exploited in the wild in September 2010, aka "Print Spooler Service Impersonation Vulnerability."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows server 2008 |
||
microsoft windows server 2008 r2 |
||
microsoft windows server 2008 - |
||
microsoft windows xp - |
||
microsoft windows 7 - |
||
microsoft windows vista - |
||
microsoft windows xp |
||
microsoft windows vista |
||
microsoft windows server 2003 |
This section of the report forms part of Kaspersky Security Bulletin 2010 and is based on data obtained and processed using the Kaspersky Security Network (KSN). KSN integrates cloud-based technologies into personal and corporate products and is one of Kaspersky Lab’s most important innovations. KSN assists Kaspersky Lab’s experts to swiftly detect new malware in real-time, when no corresponding signature or heuristic detection exists for these threats. KSN helps identify sources of malware ...