| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS07-006 | Vulnerability in Windows Shell Could Allow Elevation of Privilege (928255) | Microsoft Windows | Low | 14-02-2007 |
Technical Information
Brief overview of the risk:
A privilege elevation vulnerability exists in Windows Shell in the way that the operating system performs detection and registration of new hardware. This vulnerability could allow an authenticated user to take complete control of the system.
Detailed Information on the risk:
This bulletin covers a privilege escalation issue in the Windows Shell new hardware detection code. Unprivileged users can convince Windows to execute their code in a privileged context when a new hardware event takes place, such as when a CD is inserted or a USB device is plugged in.Further information on this exploit is available at : MS07-006
Affected Software
Microsoft Windows XP Service Pack 2Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition