Privilege Escalation Issue in Microsoft Virtual Machine Monitor
CVE-2009-1542

Currently unrated

Key Information:

Vendor: Microsoft
Status: Virtual Pc; Virtual Server
Vendor: CVE Published:; 15 July 2009

What is CVE-2009-1542?

The Virtual Machine Monitor (VMM) in Microsoft Virtual PC and Microsoft Virtual Server allows unprivileged users in guest operating systems to execute arbitrary kernel-mode code. This occurs due to the VMM not enforcing CPU privilege-level requirements for certain machine instructions. By using specially crafted applications, an attacker can gain elevated privileges within the guest OS, potentially leading to unauthorized access and system control.

References

http://www.vupen.com/english/advisories/2009/1890

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/35808

third-party-advisoryx_refsource_SECUNIA

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

18% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2009
Vulnerability Reserved
May 5, 2009