Windows Flaw Poses New Risks
Security researchers say that they have identified several additional attack vectors that can exploit the critical Windows 2000 vulnerability disclosed this week.Security researchers say that they have identified several additional attack vectors that can exploit the critical Windows 2000 vulnerability disclosed this week, and are urging everyone running the operating system to patch their machines. When Microsoft Corp. released its advisory and patch for this vulnerability on Monday, it said that only Windows 2000 machines running the IIS 5.0 Web server software were vulnerable. However, researchers from Next Generation Security Software Ltd. have shown that is likely possible to exploit the vulnerability by going in through services other than IIS. In a paper published Friday, David Litchfield of NGSS, based in Surrey, England, wrote that IIS is simply the attack vector used to exploit the vulnerability in the WebDAV request process. As the request is processed, it passes through several functions, one of which calls another function known as RtlDosPathNameToNtPathName_U, which is where the actual vulnerability lies.
However, there is a long list of other functions that make this same call, many of which are concerned with the NT files system.
Find white papers on security.
For more security scoops, check out Ziff Davis Security Supersite.