Buffer Overrun in Windows Kernel Message Handling

By Thomas McGuire on June 1, 2003, 9:17 AM
Microsoft re-issued this bulletin on May 28, 2003 to advise on the availability of an updated Windows XP Service Pack 1 patch. This revised patch corrects the performance issues that some customers experienced with the original Windows XP Service Pack 1 patch.

There is a flaw in the way the kernel passes error messages to a debugger. A vulnerability results because an attacker could write a program to exploit this flaw & run code of their choice. An attacker could exploit this vulnerability to take any action on the system including deleting data, adding accounts with administrative access, or reconfiguring the system.

Affected Software:
Microsoft Windows NT 4.0
Microsoft Windows NT 4.0 Server, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP

Patch availability
Download locations for this patch

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.