Microsoft Patches Windows 2000 Flaw
Vulnerability is in the Network Connection Manager, which controls all the network connections managed by a given host.Microsoft Corp. on Thursday issued a patch for a critical flaw in Windows 2000 that could allow an attacker to run code with system-level privileges on vulnerable machines. The vulnerability lies in the Network Connection Manager (NCM), a component of Windows 2000 that controls all the network connections managed by a given host. One of NCMs main functions is to call a handler routine whenever a client establishes a new network connection. This handler is designed to run in the security context of the user. But, the vulnerability enables an attacker to cause it to run in the context of LocalSystem. The attacker could then specify malicious code as the handler and establish a network connection to cause that code to be called.
The code would then run with system level privileges, Microsoft said in its advisory. In order to exploit the vulnerability, the attacker must first be able to log on interactively to the affected system.