Home / bulletins MS07-049 - Important: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (937986) - Version:2.0
Posted on 13 November 2007
ImportantSeverity Rating: Important - Revision Note: V2.0 (November 13, 2007): The security update for Microsoft Virtual PC 2004, Microsoft Virtual PC 2004 Service Pack 1, Microsoft Virtual Server 2005 Standard Edition, Microsoft Virtual Server 2005 Enterprise Edition, Microsoft Virtual Server 2005 R2 Standard Edition, and Microsoft Virtual Server 2005 R2 Enterprise Edition did not correctly install in certain cases. Microsoft recommends that customers apply the update at the earliest opportunity. No action is required on systems where the security update has been successfully installed. For details please read the "Frequently Asked Questions (FAQ) Related to This Security Update" section.Summary: This important security update resolves one privately reported vulnerability. This is an elevation of privilege vulnerability. The vulnerability in Microsoft Virtual PC and Microsoft Virtual Server could allow a guest operating system user to run code on the host or another guest operating systems. Only guest operating system users who are granted administrative permissions to the guest operating system would be able to exploit this vulnerability. Guest operating system users not granted administrative permissions to the guest operating system would be unable to exploit this vulnerability.
Other versions
- MS07-049 - Version: 1.0
- MS07-049 - Version: 2.0
