MS09-033: Vulnerability in Virtual PC and Virtual Server could allow elevation of privilege

Article translations Article translations
Article ID: 969856 - View products that this article applies to.
Expand all | Collapse all

On This Page

INTRODUCTION

Microsoft has released security bulletin MS09-033. To view the complete security bulletin, visit one of the following Microsoft Web sites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

Known issues that affect this security update

  • When you try to install this update in Windows Vista or in Windows Server 2008, you may receive an error message that resembles the following:
    Access is denied
    To resolve this issue, install this update by using an "elevated prompt." To do this, follow these steps:
    1. Download the update file to a temporary folder, such as the "Downloads" folder.
    2. Right-click the update, and then click "Run as administrator."

      Collapse this imageExpand this image
      User Account Control permission
      If you are prompted for an administrator password or for confirmation, type your password or click Continue.
    When you run the file as an administrator, the update should install successfully.
  • When you install the security update in Windows Vista or in Windows Server 2008 for Virtual PC 2007 or Virtual PC 2007 SP1 from the Download Center, you may receive a message that states the name of the software is "Microsoft Virtual PC 2004 SP1 Patcher Package". This issue occurs for both the x86 and x64 versions of the update. This message is incorrect and can be ignored. The binary is correct for the platform. This can be validated by reviewing the file name.
  • When you install the 64-bit version of update 969856 on a 32-bit operating system, the installation may fail. This issue occurs because the Advpack.dll file experiences an error when it creates the process for the update. When this issue occurs, you may receive an error message that states that the update did not install.
  • The file date of VMM.sys file that is installed by this security update corresponds to the date of installation, and not to the date that the files were produced by Microsoft. To determine whether the update was installed, we recommend that you validate the version number of the respective files as documented in the "File Information" section.
  • The update for Microsoft Virtual PC 2007 RTM does install on installations of Virtual PC 2007 Service Pack 1. This issue might occur if you accidentally download and install the incorrect version of the update. The binary that is installed by both updates is identical, and will not cause compatibility issues or user experience issues. The security vulnerability will protect the system as intended in this scenario. However, the version of VMM.sys will be 1.1.598.0. Although this is earlier than the version before installation, the security update is installed and does protect the system. However, we do not recommend that you install the RTM version of the security update on a Service Pack 1-based system.
  • This security update will not create a log file during installation.
  • This security update cannot be uninstalled after you install it. If you want to roll back the security update, we recommend that you uninstall and then reinstall Virtual PC or Virtual Server. You can do this without losing data inside the virtual machines.
  • This security update does not leave an entry in Add Or Remove Programs.
  • To use the registry entries to validate whether the security update is installed, you have to determine whether the value of the registry key that is listed in the bulletin is "VSPatcher2." These entries are already present on an installation that does not have the security update installed. However, the entry will have a different value.
  • This security update does not force a restart after installation when it is downloaded and installed from the Microsoft Download Center. However, you must restart the system for the updated kernel VMM driver to take effect.

FILE INFORMATION

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

For 32-bit editions of Virtual PC 2007

Collapse this tableExpand this table
File NameVersionDateTimeSize
VMM.sys1.1.598.0Date of update installationTime of update installation229,224

For x64-based editions of Virtual PC 2007

Collapse this tableExpand this table
File NameVersionDateTimeSize
VMM.sys1.1.598.0Date of update installationTime of update installation294,232

For 32-bit editions of Virtual PC 2007 Service Pack 1

Collapse this tableExpand this table
File NameVersionDateTimeSize
VMM.sys1.1.656.0Date of update installationTime of update installation229,224

For x64-based editions of Virtual PC 2007 Service Pack 1

Collapse this tableExpand this table
File NameVersionDateTimeSize
VMM.sys1.1.656.0Date of update installationTime of update installation294,232

For 32-bit editions of Virtual Server 2005 R2 Service Pack 1

Collapse this tableExpand this table
File NameVersionDateTimeSize
VMM.sys1.1.656.0Date of update installationTime of update installation229,224

For x64-based editions of Virtual Server 2005 R2 Service Pack 1

Collapse this tableExpand this table
File NameVersionDateTimeSize
VMM.sys1.1.656.0Date of update installationTime of update installation294,232

For Virtual Server 2005

Collapse this tableExpand this table
File NameVersionDateTimeSize
VMM.sys1.1.465.16Date of update installationTime of update installation1,51,552

For 32-bit editions of Virtual PC 2004 Service Pack 1

Collapse this tableExpand this table
File NameVersionDateTimeSize
VMM.sys1.1.465.15Date of update installationTime of update installation145,408

MORE INFORMATION

How to determine whether you are running a 32-bit or 64-bit edition of Windows

If you are not sure which version of Windows that you are running, or whether it is a 32-bit version or a 64-bit version, open System Information (Msinfo32.exe) to review the value that is listed for System Type. To do this, follow these steps:
  1. Click Start, and then click Run or click Start Search.
  2. Type msinfo32.exe, and then press ENTER.
  3. In System Information, review the value for System Type.
    • For 32-bit editions of Windows, the System Type value is x86-based PC.
    • For 64-bit editions of Windows, the System Type value is x64-based PC.
For more information about how to determine whether you are running a 32-bit or 64-bit edition of Windows, click the following article number to view the article in the Microsoft Knowledge Base:
827218 How to determine whether your computer is running a 32-bit version or a 64-bit version of the Windows operating system

Properties

Article ID: 969856 - Last Review: May 9, 2012 - Revision: 5.0
APPLIES TO
  • Microsoft Virtual PC 2007 Service Pack 1
  • Microsoft Virtual PC 2007
  • Microsoft Virtual Server 2005 R2 Service Pack 1
  • Microsoft Virtual Server 2005 Enterprise Edition
  • Microsoft Virtual Server 2005 Standard Edition
Keywords: 
atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability kbsurveynew KB969856

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com