Title

Microsoft LRPC Security Feature Bypass Vulnerability (Cat II impact)

Discussion

Microsoft has released a security bulletin addressing an elevation of privilege vulnerability that affects Microsoft LRPC. Local RPC (LRPC) is an Inter-Process Communication (IPC) mechanism that enables data exchange and invocation of functionality residing in a different process that resides on the same computer. LRPC is a component of Microsoft RPC. LRPC internally uses LPC as the transport mechanism for passing messages between the two processes. To exploit this vulnerability, an attacker would leverage a LRPC server that sends a specially crafted LPC port message to the LRPC client. If successfully exploited, this vulnerability would cause a memory corruption condition and allow elevation of privileges.

Check Content

Fix Text

Additional Identifiers

Rule ID:

Vulnerability ID: V-53813

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.