also @ TechSpot: Rumor: AMD "Piledriver" FX CPU production to begin Q3 2012

Critical flaw discovered in many versions of Windows

By

On December 29, 2006, 3:38 PM EST

A particularly nasty exploit for Windows has been released, this one affecting all versions of Windows including Vista. The flaw, which originates in the message box API that is universal among Windows, can be used to escalate privileges on a machine for someone or for a piece of software, allowing them to do pretty much anything they want. It requires local access to the machine, or at the very least, someone on the local machine to run a program:

"The PoC reportedly allows for local elevation of privilege on Windows 2000 SP4, Windows Server 2003 SP1, Windows XP SP1, Windows XP SP2 and Windows Vista operating systems," Reavey said in an entry posted late Dec. 21 on the MSRC blog.
The exploit hasn't been verified by any 3rd parties as of yet, though it is being investigated and likely a 3rd party patch will surface soon. Given the predictable nature of Microsoft's patch cycle, it could be weeks or even months before an official fix is published. I look forward to learning more about it.

Related Stories

No tags on this story

1 comment

User Comments (1)

Post a comment
spydercanopus
on December 30, 2006
9:28 AM 		If it's not Internet based and you need physical access to the computer maybe they should leave it alone. Sometimes you need to find a hole to fix a PC.

Reply

Browse more commented news

Post a new comment

Guest user

To post as an anonymous
user click here.

Members

If you are a TechSpot member,
please login first.


By signing up you gain complete access to the TechSpot community. Join thousands of computer and technology enthusiasts that contribute and share knowledge in our forum. Post messages, get a private inbox, upload your own photo gallery and more.

Most Popular

Trending Featured
More Trending Topics

Editors' CPU Picks

Downloads & Drivers

Downloads   Drivers  

GMABooster 2.1a

HaoZip 2.8

Defraggler 2.10.413

The Cleaner 2012 8.1.0.1110

WinISO 6.2.0.4526

More Downloads

Related Discussion

AVG 2012

[UDK] Critical Point - Incursion

Could it be the graphics card?

Compaq Presario CQ61 screen LCD cable change but not working

Laptop screen messed up

More at the Forums

Subscribe to TechSpot

Get free exclusive content, learn about new features and tech breaking news.