Technical Information

Brief overview of the risk:
A remote code execution vulnerability exists in the Windows Client/Server Run-time Subsystem (CSRSS) process because of the way that it handles error messages. An attacker could exploit the vulnerability by constructing a specially crafted application that could potentially allow remote code execution. Additionally, if a user viewed a specially crafted Web site, an attacker who successfully exploited this vulnerability could take complete control of an affected system. A privilege elevation vulnerability exists in the way that the Windows 32 Client/Server Run-time Subsystem (CSRSS) handles its connections during the startup and stopping of processes. A denial of service vulnerability exists in the Client/Server Run-time Subsystem (CSRSS) service because of the way it handles error messages. An attacker could exploit the vulnerability by running a specially crafted application causing the system to restart.
Detailed Information on the risk:
MS07-021 patches three vulnerabilities in the Microsoft Windows Client/Server Runtime SubSystem (CSRSS). Two of these vulnerabilities are technically local privilege escalation issues caused by memory management bugs in various CSRSS APIs. However, one of them can be remotely exploited due to browser features that enable complex software to be executed on behalf of web sites in environments that aren’t completely sandboxed. Two of these vulnerabilities, including the remote code execution issue and a denial of service issue, have been publicly disclosed and exploit POCs are circulating in the wild.Further information on this exploit is available at : MS07-021