Microsoft Security Advisory (944653)
Vulnerability in Macrovision SECDRV.SYS Driver on Windows Could Allow Elevation of Privilege
Published: November 5, 2007
Microsoft is working with Macrovision to investigate new public reports of a vulnerability in the Macrovision secdrv.sys driver on supported editions of Windows Server 2003 and Windows XP. This vulnerability does not affect Windows Vista. We are aware of limited attacks that try to use the reported vulnerability. Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary.
Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This will include providing a security update through our monthly release process.
Microsoft is concerned that this new report of a vulnerability in the Macrovision secdrv.sys driver on supported editions of Windows Server 2003 and Windows XP was publicly disclosed, potentially putting computer users at risk. We continue to encourage responsible disclosure of vulnerabilities. We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone’s best interests. This practice helps to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities without exposure to malicious attackers while the update is being developed.
For supported editions of Windows Server 2003 and Windows XP, users can install the update offered by Macrovision. Microsoft recommends that customers review the Macrovision advisory before applying that update.