MS10-011: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (978037)
Medium Nessus Plugin ID 44421
SynopsisUsers can elevate their privileges on the remote host.
DescriptionThe remote host allows elevation of privileges in its Windows Client/Server run-time subsystem (CSRSS) because of a failure to properly terminate user processes when a user logs out.
An attacker might exploit this to run arbitrary code in kernel mode.
SolutionMicrosoft has released a set of patches for Windows 2000, XP and 2003.