发布日期：2010-08-10
更新日期：2010-08-11

受影响系统：
Microsoft Windows XP SP3
描述：
--------------------------------------------------------------------------------
BUGTRAQ  ID: 42211
CVE ID: CVE-2010-1888

Microsoft Windows是微软发布的非常流行的操作系统。

Windows内核在创建特定类型的线程时存在竞争条件错误，本地用户可以通过运行恶意应用程序获得内核级权限提升。成功利用这个漏洞的攻击者可以执行任意内核态代码。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。

<*来源：Tavis Ormandy （taviso@gentoo.org）
  
  链接：cfdK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4y4W2j5%4g2F1K9h3q4Q4x3X3g2U0L8$3#2Q4x3V1k6S2k6s2k6A6M7$3!0J5K9h3g2K6i4K6u0r3y4o6l9^5y4K6q4Q4x3V1j5`.
        f28K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3#2A6j5%4u0G2M7$3!0X3N6q4)9J5k6h3y4G2L8g2)9J5c8Y4c8W2j5$3S2F1k6i4c8Q4x3V1k6K6k6h3y4#2M7X3W2@1P5g2)9J5c8X3u0#2L8r3I4W2N6r3W2F1i4K6u0r3e0g2x3I4x3q4)9J5k6o6l9@1y4#2)9J5k6h3#2K6M7s2S2Q4x3@1k6H3k6W2)9K6c8s2c8J5N6h3f1`.
        43bK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4g2K6i4K6u0V1j5$3g2J5N6q4)9J5k6h3N6G2N6W2)9J5c8X3y4S2M7#2)9J5c8Y4c8W2j5$3S2S2L8r3g2J5N6s2y4Q4x3V1k6f1b7e0p5H3i4K6u0V1x3U0t1J5b7g2)9J5k6h3S2@1L8h3H3`.
*>

建议：
--------------------------------------------------------------------------------
厂商补丁：

Microsoft
---------
Microsoft已经为此发布了一个安全公告（MS10-047）以及相应补丁:
MS10-047：Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (981852)
链接：91cK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3#2A6j5%4u0G2M7$3!0X3N6q4)9J5k6h3y4G2L8g2)9J5c8Y4c8W2j5$3S2F1k6i4c8Q4x3V1k6K6k6h3y4#2M7X3W2@1P5g2)9J5c8X3u0#2L8r3I4W2N6r3W2F1i4K6u0r3e0g2x3I4x3q4)9J5k6o6l9@1y4#2)9J5k6h3#2K6M7s2S2Q4x3@1k6H3k6W2)9K6c8s2c8J5N6h3f1`.

补丁下载：
273K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3#2A6j5%4u0G2M7$3!0X3N6q4)9J5k6h3y4G2L8g2)9J5c8X3c8G2N6$3&6D9L8$3q4V1M7#2)9J5c8X3c8W2N6r3q4A6L8s2y4Q4x3X3g2S2M7%4m8^5i4K6y4r3k6X3q4E0K9h3I4&6K9h3c8Q4x3@1c8q4x3K6f1%4y4o6l9@1y4#2)9J5k6o6g2o6c8e0g2Q4x3X3b7@1y4o6j5I4i4K6u0V1z5e0c8m8b7g2)9J5k6o6c8q4b7U0x3J5y4e0S2p5y4f1f1%4x3b7`.`.

[培训]科锐逆向工程师培训第53期2025年7月8日开班！