![]() The vulnerability could only be exploited by an attacker who has credentials to log on to the computer interactively. It could also give the attacker the ability to delete or to create user accounts with root access. This would give the attacker the ability to take any action that they want on a system such as adding, deleting, or modifying data. ![]() An attacker who successfully exploited this vulnerability on the Macintosh platform could gain complete control over the system. This is a privilege elevation vulnerability. Vulnerability identifier: CAN-2004-0115 Frequently Asked Questions The above assessment is based on the types of systems that are affected by the vulnerability, their typical deployment patterns, and the effect that exploiting the vulnerability would have on them. Microsoft Virtual PC for the Macintosh (all supported versions) Standard best practices recommend only allowing trusted users to log on to systems interactively. Systems that are secured by using best practices are at reduced risk from this vulnerability.The vulnerability could not be exploited remotely without a valid user account. An attacker must have valid logon credentials to exploit the vulnerability.To exploit this vulnerability, an attacker would have to already have a valid logon account on the local system, or the attacker would already have to have access to a valid logon account. This could give the attacker complete control over the system. An attacker could exploit this vulnerability by inserting malicious code into the file which could cause the code to be run with system privileges. The vulnerability exists because of the method by which Virtual PC for Mac creates a temporary file when you run Virtual PC for Mac. General Information Technical DetailsĪ security vulnerability exists in Microsoft Virtual PC for Mac. Please review the Microsoft Support Lifecycle Web site to determine the support lifecycle for your product and version. Other versions either no longer include security patch support or may not be affected. The software listed above has been tested to determine if the versions are affected. Microsoft Virtual PC for Mac version 6.1 - Download the update.Microsoft Virtual PC for Mac version 6.02 - Download the update.Microsoft Virtual PC for Mac version 6.01 - Download the update.Microsoft Virtual PC for Mac version 6.0 - Download the update.Tested Software and Security Update Download Locations: In this article Vulnerability in Virtual PC for Mac Could Allow Privilege Elevation (835150)Ĭustomers who are using Microsoft® Virtual PC for MacĬustomers should install this security update at the earliest opportunity
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |