Follow Liquidmatrix

FacebookTwitterRSS

Subscribe by Email

Vulnerability in Macrovision SECDRV.SYS Driver

Microsoft has a new security advisory posted on their site for a vulnerability in the SECDRV.SYS driver. This problem could potentially lead to a privilege escalation on Windows.

From Security Advisory 944653:

Microsoft is working with Macrovision, investigating new public reports of a vulnerability in the Macrovision secdrv.sys driver on supported editions of Windows Server 2003 and Windows XP. This vulnerability does not affect Windows Vista. We are aware of limited attacks that try to use the reported vulnerability. Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary.

Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This will include providing a security update through our monthly release process.

The Redmond folks were a tad perturbed that this was made public before they could tackle it. Somehow I don’t think the folks that let this one out of the bag were big on responsible disclosure.

Article Link

[tags]Macrovision, SECDRV.SYS, Privilege Escalation[/tags]

Posted by on November 6, 2007. Filed under Vulnerability. You can follow any responses to this entry through the RSS 2.0. You can leave a response or trackback to this entry

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>