CVE-2009-0229

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the patchday that contains the fix for the issue, including: Windows 2000 SP4 Windows XP SP2 and SP3 Windows Server 2003 SP2 Windows Vista Gold, SP1, and SP2 Windows Server 2008 SP2

Description A local, authenticated information disclosure issue exists in the Windows Printing Service, allowing users to read arbitrary files via a crafted separator page. This could enable a user to read or print any file on the system, even without administrative access. The issue cannot be exploited remotely or by anonymous users.

Recommendations For Windows 2000 SP4, apply the patch from the patchday that contains the fix for the issue. For Windows XP SP2 and SP3, apply the patch from the patchday that contains the fix for the issue. For Windows Server 2003 SP2, apply the patch from the patchday that contains the fix for the issue. For Windows Vista Gold, SP1, and SP2, apply the patch from the patchday that contains the fix for the issue. For Windows Server 2008 SP2, apply the patch from the patchday that contains the fix for the issue.