Home > Security News > Microsoft investigates Windows Vista flaw
Security News:
EMAIL THIS LICENSING & REPRINTS

Microsoft investigates Windows Vista flaw

By Bill Brenner, Senior News Writer
22 Dec 2006 | SearchSecurity.com

Security Wire Daily News
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google

Microsoft is investigating reports of a new flaw in Windows Vista and other versions of the operating system. Local users could exploit it to boost their system privileges and run malicious commands on the network.

Mike Reavey of the Microsoft Security Response Center (MSRC) said in a blog posting early Friday that the center is "closely monitoring" developments surrounding a public posting of proof-of-concept (PoC) code targeting an issue with the Windows Client/Server Runtime Server Subsystem (CSRSS).

"The PoC reportedly allows for local elevation of privilege on Windows 2000 SP4, Windows Server 2003 SP1, Windows XP SP1, Windows XP SP2 and Windows Vista operating systems," Reavey said. "Initial indications are that in order for the attack to be successful, the attacker must already have authenticated access to the target system."

Redwood City, Calif.-based security vendor Determina said in an advisory that the problem is in how CSRSS processes HardError messages. "This vulnerability allows a logged-on user to execute arbitrary code in the CSRSS.EXE process and elevate their privileges to SYSTEM level," Determina said, adding that the flaw was first disclosed Dec. 15.

Security researchers concluded that the vulnerability is primarily a danger in the hands of a malicious insider and is not remotely exploitable. For that reason, Danish vulnerability clearinghouse Secunia rated the flaw less critical, while the French Security Incident Response Team (FrSIRT) rated it a moderate risk.

FrSIRT said the specific Windows versions affected by the flaw are:

  • Vista Home
  • Vista Business
  • Vista Enterprise
  • Windows 2000 Service Pack 4
  • Windows XP Service Pack 2
  • Windows XP Service Pack 1
  • Windows Server 2003 Service Pack 1

To mitigate the threat, Secunia recommended that IT shops only grant network access to trusted users.

Reavey said Vista users shouldn't be discouraged by the flaw. "While I know this is a vulnerability that impacts Windows Vista, I still have every confidence that Windows Vista is our most secure platform to date," he said.

Sound Off! -   Be the first to post a message to Sound Off!


Tags: Windows Vista SecurityVIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineWebcastsWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Advanced Search | Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts