CVE-2011-1991

Name of the Vulnerable Software and Affected Versions Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 versions Gold through SP1

Description The issue allows local users to gain privileges via a Trojan horse DLL in the current working directory. This can be demonstrated by a directory containing certain file types, such as .doc, .rtf, or .txt files. The vulnerability is related to insecure library loading in various Windows components, including the Display Panning CPL Extension, EAPHost Authenticator Service, Folder Redirection, HyperTerminal, Japanese Input Method Editor (IME), and Microsoft Management Console (MMC). A remote code execution vulnerability exists in the way certain Windows components handle the loading of DLL files, potentially allowing an attacker to take complete control of an affected system.

Recommendations For Microsoft Windows XP versions SP2 through SP3, consider disabling the deskpan.dll in the Display Panning CPL Extension as a temporary workaround. For Microsoft Windows Server 2003 version SP2, restrict access to the EAPHost Authenticator Service to minimize the risk of exploitation. For Microsoft Windows Vista version SP2, avoid using the Folder Redirection feature until the issue is resolved. For Microsoft Windows Server 2008 versions SP2 through R2 SP1, consider disabling the HyperTerminal feature as a temporary mitigation measure. For Microsoft Windows 7 versions Gold through SP1, restrict access to the Japanese Input Method Editor (IME) to minimize the risk of exploitation.