Written by Alex of NT Internals
Wednesday, 11 March 2009 22:00
mks_vir 'mksmonen.sys' IOCTL Request Local Privilege Escalation Vulnerability
Boundary Condition Error
Mar 09 2009 12:00AM
Mar 11 2009 07:36PM
Alex of NT Internals
MKS Sp. z o.o. mks_vir 0
MKS Sp. z o.o. mks_vir 9 Beta 188.8.131.52 Build
The 'mks_vir' program is prone a local privilege-escalation vulnerability.
An attacker can exploit this issue to execute arbitrary code with elevated privileges; this may aid in further attacks.
Versions prior to mks_vir 9 Beta 184.108.40.206 build 297 are vulnerable.
The following exploit code is available:
Reports indicate that this issue has been fixed. Please see the references for more information.
--mks_vir (mksmonen.sys) Privilege Escalation Vulnerability
http://ntinternals.org/ntiadv0809/ntiadv0809.htm (NT Internals)
http://www.mks.com.pl (MKS Sp. z o.o)