MS09-033: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (969856)
High Nessus Plugin ID 39795
SynopsisThe remote host contains an application that is affected by a privilege escalation vulnerability.
DescriptionThe remote host is running a version of Virtual PC or Virtual Server that incorrectly validates privilege levels when executing specific instructions in the Virtual Machine Monitor. An attacker who has logged in to a guest operating system running under the affected software can leverage this issue to run code with elevated privileges inside the hosted guest operating system.
SolutionMicrosoft has released a set of patches for Virtual PC 2004 and 2007 as well as Virtual Server 2005.