Flaw in Windows WM_TIMER Message Handling

By Thomas McGuire on December 12, 2002, 1:15 PM
Issue:
By default, several of the processes running in the interactive desktop do so with LocalSystem privileges. As a result, an attacker who had the ability to log onto a system interactively could potentially run a program that would levy a WM_TIMER request upon such a process, causing it to take any action the attacker specified. This would give the attacker complete control over the system. In addition to addressing this vulnerability, the patch also makes changes to several processes that run on the interactive desktop with high privileges.

Affected Software:
Microsoft Windows NT 4.0
Microsoft Windows NT 4.0, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP

Patch availability:
Windows NT 4.0:
All except Japanese NEC & Chinese - Hong Kong
Japanese NEC
Chinese - Hong Kong

Windows NT 4.0, Terminal Server Edition:
All

Windows 2000:
All except Japanese NEC
Japanese NEC
Windows XP:
32-bit Edition
64-bit Edition




Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.