Microsoft Knowledge Base Article
This article contents is Microsoft Copyrighted material.
©2005-©2007 Microsoft Corporation. All rights reserved.
Terms
of Use |
Trademarks
Article ID: 937986 - Last Review: November 28, 2007 - Revision: 2.1
MS07-049: Vulnerability in Virtual PC and Virtual Server that could allow privilege elevation
Microsoft has released security bulletin MS07-049. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:
- Home users:
- IT professionals:
Known issues with this security update
- If the you install the 64-bit version of update 937986 on a 32-bit operating system, the installation fails. This issue occurs because the Advpack.dll file experiences an error when creating the process for the update. You receive a warning dialog box that states that the update did not install.
- When the update 937986 is applied on a remote machine by using Terminal Services, the update does not replace the vulnerable files if the /console option is not used. To avoid this issue, you must use the /console option as shown in this example:
mstsc /console /v:<machine name>
- This update is not supported in Windows Vista. If your computer is running Windows Vista, we recommended that you use either Virtual PC 2007 or Virtual Server 2005 R2 SP1 depending on your requirements. Neither of these two applications has the vulnerability described in Microsoft Knowledge Base article 937986.
Note This hotfix cannot be uninstalled. You have to uninstall Virtual Server completely and then reinstall the RTM version.
APPLIES TO
- Microsoft Virtual PC 2004
- Microsoft Virtual PC 2004 Service Pack 1
- Microsoft Virtual Server 2005 Standard Edition
- Microsoft Virtual Server 2005 R2 Standard Edition
- Microsoft Virtual Server 2005 R2 Enterprise Edition
- Microsoft Virtual PC for Mac Version 6.1
- Microsoft Virtual PC for Mac Version 7
| kbexpertiseadvanced kbexpertisebeginner kbqfe kbsecurity kbsecbulletin kbsecvulnerability kbbug kbfix kbpubtypekc KB937986 |
Community Feedback System
Very often, it takes hours to solve a problem. Very often, you've looked high
and low, and have tried a lot of solutions. When you finally found it, chances
are, it was because someone else helped you. Here's your chance to give back.
Use our community feedback tool to let others know what worked for you and what
didn't.
Please also understand that the community feedback system is not warranted to be
correct, it's simply a system that we've built to let people try and help each
other. If something in a feedback response doesn't make sense to you, or you're
not comfortable making changes that the feedback talks about (like registry
edits), please consult a professional.
Thank you for using kbAlertz.com Feedback System.
-- Scott Cate
Be the first to leave feedback, to help others about this knowledge base
article.
(Optional) Name
(Optional)
Public URL Or Email
Comments
No
HTML -- Text Only Please