Vulnerability Note VU#219848

Microsoft Windows Vista CSRSS privilege escalation vulnerability

Original Release date: 10 Apr 2007 | Last revised: 11 Apr 2007


The Microsoft Windows Client/Server Run-time Subsystem (CSRSS) process fails to properly handle error messages. This vulnerability may allow an attacker to execute arbitrary code.


The Microsoft Client/Server Run-time Subsystem (CSRSS) is an essential subsystem. CSRSS is responsible for console windows and creating and deleting threads.

According to Microsoft Security Bulletin MS07-021:

    A privilege elevation vulnerability exists in the way that the Windows 32 Client/Server Run-time Subsystem (CSRSS) handles its connections during the startup and stopping of processes.


A local authenticated attacker may be able to gain elevated privileges.


Apply update from Microsoft

Microsoft has released an update for this vulnerability in Microsoft Security Bulletin MS07-021.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Microsoft CorporationAffected-10 Apr 2007
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A



Thanks to Microsoft for information that was used in this report. Microsoft credits eEye for reporting this vulnerability.

This document was written by Ryan Giobbi.

Other Information

  • CVE IDs: CVE-2007-1209
  • Date Public: 10 Apr 2007
  • Date First Published: 10 Apr 2007
  • Date Last Updated: 11 Apr 2007
  • Severity Metric: 0.08
  • Document Revision: 12


If you have feedback, comments, or additional information about this vulnerability, please send us email.