News Stay informed about the latest enterprise technology news and product updates.

Microsoft investigates new Windows zero-day flaw

Microsoft is investigating reports of a new zero-day vulnerability attackers could exploit to gain extra user privileges and launch malicious code.

Microsoft is investigating reports of a new zero-day flaw in Windows attackers could exploit to access extra user...

privileges and launch malicious code.

Bill Sisk, security response communications manager for Microsoft, said in an email Thursday evening that the flaw allows for privilege escalation from authenticated user to LocalSystem in Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The software giant issued Security Advisory (951306) to offer affected customers some steps to mitigate the threat.

"Currently, Microsoft is not aware of any attacks attempting to exploit the potential vulnerability," the advisory said. "Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through a service pack, our monthly security update release process, or an out-of-cycle security update, depending on customer needs."

Sisk's message follows alerts from such security vendors as McAfee, which warned of a potential ActiveX-based zero-day in the McAfee Avert Labs blog.

"A Microsoft Works ActiveX potential zero-day has been disclosed on a handful of Chinese blog sites," McAfee researcher Kevin Beets wrote in the blog. "This threat was originally posted as a proof of concept that caused a Windows host to crash, but very soon after, a working exploit was posted."

The flaw lies in an ActiveX component of Microsoft Works Image Server (WkImgSrv.dll) and successful exploitation could allow for code execution via a controlled pointer, Beets said. For this to occur, however, the victim would need to visit a malicious website.

Dig Deeper on Microsoft Windows security

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.