Microsoft Windows Knowledge Base Article 978037 update is not installed (WinMs10kb978037Update)

Vuln ID: 55934
Risk Level: High risk vulnerability  High WinMs10kb978037Update
Platforms: Microsoft Windows 2000: SP4, Microsoft Windows XP: SP2, Microsoft Windows Server 2003: SP2, Microsoft Windows Server 2003: SP2 Itanium, Microsoft Windows Server 2003: SP2 x64, Microsoft Windows XP: SP2 x64 Professional, Microsoft Windows XP: SP3
Description:

Microsoft Knowledge Base Article 978037 is not installed, which could allow a remote attacker to exploit the following vulnerability:

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper termination of user processes after log out by Windows Client/Server Run-time Subsystem (CSRSS). An attacker could exploit this vulnerability using a specially-crafted background process to obtain sensitive information or access restricted data.
Remedy:

Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS10-011. See References.
False Positives:
False Negatives:
Required Permission: Windows login
Additional Information:

References:

Microsoft Security Bulletin MS10-011
Cumulative Security Update for Internet Explorer (978207)
http://www.microsoft.com/technet/security/bulletin/ms10-011.mspx

IBM Internet Security Systems X-Force Database
Microsoft Windows Client/Server Run-time Subsystem (CSRSS) privilege escalation
http://xforce.iss.net/xforce/xfdb/55933

ISS X-Force
Microsoft Windows Knowledge Base Article 978037 update is not installed
http://www.iss.net/security_center/static/55934.php

CVE CVE-2010-0023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0023
X-Force Logo
Know Your Risks		 Mitre.org CVE Logo
Common Vulnerabilties & Exposures