Macrovision SafeDisc secdrv.sys Crafted METHOD_NEITHER IOCTL Local Overflow
Medium Nessus Plugin ID 28185
SynopsisThe remote Windows host contains a kernel driver that is prone to a local privilege escalation vulnerability.
DescriptionMacrovision SafeDisc, a copy-protection application for Microsoft Windows, is installed on the remote host.
The 'SECDRV.SYS' driver included with the version of SafeDisc currently installed on the remote host enables a local user to gain SYSTEM privileges using a specially crafted argument to the METHOD_NEITHER IOCTL.
SolutionUpgrade to Macrovision SECDRV.SYS Driver version 4.3.86 or later.