Microsoft Windows Utility Manager gain privileges
win-utilitymanager-gain-privileges (16592)
Description:
Microsoft Windows could allow a local attacker to gain elevated privileges because of a vulnerability in the process Utility Manager uses to launch applications. By default, Utility Manager is installed but not running. A local attacker with valid logon credentials could start Utility Manager and run a program that sends it a specially-crafted message, allowing the attacker to gain elevated privileges and take complete control of the system.
Consequences:
Gain Access
Remedy:
Apply the appropriate patch for your system, as listed in the Microsoft Security Bulletin MS04-019. See References.
References:
- BugTraq Mailing List, Tue Jul 13 2004 - 15:00:33 CDT: Microsoft Window Utility Manager Local Elevation of Privileges.
- CIAC Information Bulletin O-180: Microsoft Utility Manager Vulnerability.
- Microsoft Security Bulletin MS04-019: Vulnerability in Utility Manager Could Allow Code Execution (842526).
- BID-10707: Microsoft Windows Utility Manager Local Privilege Escalation Variant Vulnerability.
- CVE-2004-0213: Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with raised privileges, which allows local users to gain system privileges via a Shatter style attack that sends a Windows message to cause Utility Manager to launch winhlp32 by directly accessing the context sensitive help and bypassing the GUI, then sending another message to winhlp32 in order to open a user-selected file, a different vulnerability than CVE-2003-0908.
- US-CERT VU#868580: Microsoft Windows Utility Manager launches applications with system privileges.
Platforms Affected:
- Microsoft Windows 2000 SP2
- Microsoft Windows 2000 SP4
- Microsoft Windows 2000 SP3
Reported:
Jul 13, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
