Windows & Interoperability - eWeek



Warning: Any User Can Root Win NT, 2000




New hole in Windows NT and Windows 2000 opens the door for any user (even "guest") to gain complete control of your machine. This bug--called a "privilege escalation" vulnerability--allows an unprivileged user to obtain admini

A serious hole in Windows NT and Windows 2000 allows any user (even "guest") to gain complete control of the machine. This bug -- called a "privilege escalation" vulnerability -- is particularly worrisome, because it does more than open the system to attacks from its own users. It also amplifies the dangers associated with other security holes that Microsoft has dismissed as not being serious. Why? Because an intruder who gains entry to a system as an unprivileged user can obtain administrator privileges and take over.

The exploit doesnt use esoteric techniques such as buffer overflows; in fact, it uses only the operating systems standard, documented debugging interface. This interface allows one program (a debugger) to gain control of another (a program under test) so that the behavior of the latter can be observed and/or altered. Alas, NT and Win2K allow any program to control any other; an unprivileged user can thus gain control of a privileged program and bend it to his or her will.

Safeguards against such exploits have long been present in UNIX and were mentioned in Microsofts recent DRM patent. (Ironically, Microsoft did not implement the commonsense security mechanisms it "rediscovered" and managed to patent despite long standing prior art.)

The discoverers public announcement of the bug (first link below) contains not only a complete description of the problem but a sample exploit. One would think that this would have put Microsoft on "red alert," but -- amazingly -- the software giant has released neither an advisory nor a patch. Fortunately, third parties have already created fixes that administrators can apply to their systems. (See the second link below for details.)

FOR FURTHER READING:

Note: We are -- as far as we know -- the first media outlet to cover this bug, but details and exploits have been circulating in hacker circles for at least two weeks. So, be sure to patch your NT and Win2K systems ASAP.







 
 
>>> More Windows & Interoperability Articles          >>> More By Brett Glass
 

FEATURED SPONSOR MESSAGE

Start the New Year with business intelligence—it’s a smart move

Join us on February 1 for an encore rebroadcast at either 5 am or 12 noon EST and discover how business intelligence (BI) supports companies in uncertain business and economic climates. Get expert advice on how to create a strategy that fits your organization's needs and budget and see how quickly it can pay for itself.

Click Here

Brought to you by


eweek digital



Advertisement
 
APPLY FOR A FREE 
SUBSCRIPTION BELOW:

>Try digital eWEEK
>Renew today
>Subscription help
>More FREE Subscriptions
First Name:Last Name:
Title:Company:
Address:City:
State:Zip Code:
Email:
eWEEK Quick LInks