Microsoft Windows AutoRun Feature Security Bypass Weakness
VUPEN ID : VUPEN/ADV-2008-0954
CVE ID : CVE-2008-0951
Rated as : Low Risk
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2008-03-21
Technical Description
A weakness has been identified in Microsoft Windows Vista, which could be exploited by local attackers to bypass security restrictions. The issue is caused by an error where the operating system fails to properly handle the "NoDriveTypeAutoRun" registry value and therefore does not disable the "AutoRun" and "AutoPlay" features. A vulnerable system can have some AutoPlay functionality enabled even though the Group Policy Editor and the associated registry values indicate otherwise. This may allow an attacker to cause a user to inadvertently execute arbitrary code from a removable device, such as a USB drive.
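To audit what a host's registry claims, the following added example (not part of the VUPEN advisory and not Microsoft code) decodes the "NoDriveTypeAutoRun" bitmask and lists the drive types it leaves enabled. The key path, bit assignments and machine-over-user precedence are taken from Microsoft's documentation of the value rather than from this page, and the sample values are constructed. Because of the flaw described above, a fully set mask on an unpatched system is not evidence that AutoRun is actually off.

```python
POLICY_KEY = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"
VALUE_NAME = "NoDriveTypeAutoRun"

# One bit per drive type; a set bit disables AutoRun for that type.
DRIVE_TYPE_BITS = {
    "unknown": 0x01, "removable": 0x04,
    "fixed": 0x08, "network": 0x10,
    "cdrom": 0x20, "ramdisk": 0x40,
}


def to_int(raw):
    """Accept REG_DWORD (int) or REG_BINARY (little-endian bytes) data."""
    if isinstance(raw, (bytes, bytearray)):
        return int.from_bytes(raw, "little")
    return int(raw)


def effective_value(hklm, hkcu):
    """Machine policy wins over user policy; None means not configured."""
    raw = hklm if hklm is not None else hkcu
    return None if raw is None else to_int(raw) & 0xFF


def enabled_types(value):
    """Drive types whose disable bit is clear in the configured mask."""
    return sorted(t for t, bit in DRIVE_TYPE_BITS.items() if not value & bit)


def read_hive(hive_name):
    """Windows only: raw value from e.g. "HKEY_LOCAL_MACHINE", or None."""
    import winreg
    try:
        with winreg.OpenKey(getattr(winreg, hive_name), POLICY_KEY) as key:
            return winreg.QueryValueEx(key, VALUE_NAME)[0]
    except FileNotFoundError:
        return None


if __name__ == "__main__":
    # Constructed (HKLM, HKCU) samples; on Windows use
    # read_hive("HKEY_LOCAL_MACHINE") and read_hive("HKEY_CURRENT_USER").
    for hklm, hkcu in [(0xFF, 0x91), (None, b"\x91\x00\x00\x00"), (None, None)]:
        value = effective_value(hklm, hkcu)
        print(value, "not configured" if value is None else enabled_types(value))
```

An empty list means the registry asks for AutoRun to be disabled on every drive type; pair that result with confirmation that the vendor update is installed before treating the host as protected.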
Credits
Vulnerability reported by Will Dormann and Jeff Gennari (CERT/CC).
ChangeLog
2008-03-21 : Initial release
2008-07-08 : Patch Available for Windows Vista and Server 2008
2009-02-24 : Updates Available for Windows 2000, XP and 2003