MS11-097: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2620712)
High Nessus Plugin ID 57283
SynopsisThe remote Windows host has a privilege escalation vulnerability.
DescriptionThe Windows Client/Server Run-time Subsystem (CSRSS) on the remote host has a privilege escalation vulnerability. Permissions are not properly validated when a lower-integrity process communicates a device event to a higher-integrity process. A local attacker could exploit this vulnerability to gain elevated privileges.
SolutionMicrosoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, and 2008 R2.