CVE-2011-1281

Name of the Vulnerable Software and Affected Versions Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista versions SP1 through SP2 Microsoft Windows Server 2008 versions Gold through R2 SP1 Microsoft Windows 7 versions Gold through SP1

Description The issue arises from the improper restriction of console objects for a process in the Client/Server Run-time Subsystem (CSRSS) of the Win32 subsystem. This allows local users to potentially gain privileges or cause a denial of service due to memory corruption. The vulnerability is related to the way CSRSS assigns memory for specific user transactions, which could allow an attacker to run arbitrary code in kernel mode. This could enable an attacker to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Windows XP versions SP2 through SP3, apply the recommended patch to fix the CSRSS Local EOP AllocConsole Vulnerability. For Microsoft Windows Server 2003 version SP2, apply the recommended patch to fix the CSRSS Local EOP AllocConsole Vulnerability. For Microsoft Windows Vista versions SP1 through SP2, apply the recommended patch to fix the CSRSS Local EOP AllocConsole Vulnerability. For Microsoft Windows Server 2008 versions Gold through R2 SP1, apply the recommended patch to fix the CSRSS Local EOP AllocConsole Vulnerability. For Microsoft Windows 7 versions Gold through SP1, apply the recommended patch to fix the CSRSS Local EOP AllocConsole Vulnerability. As a temporary workaround, consider restricting access to the CSRSS subsystem to minimize the risk of exploitation.