Microsoft Corp. on Wednesday released a patch for a new critical flaw in the debugger service in Windows NT and 2000 that enables an attacker to gain complete access to a vulnerable machine.
The Redmond, Wash., company says there is a flaw in the authentication mechanism in the debugging program that allows unauthorized programs to gain access to the debugger. The attacker could then use the debugger to cause a running program to start another program of his choosing.
The debugger is used to diagnose and analyze problems with programs as they are running, and as such, has the capability of taking control of other applications. The debugger can also issue commands to other applications, including the order to start other programs.
In its bulletin, Microsoft warns that because many programs run as the operating system, an attacker could execute code with the privileges of the OS.
Windows NT 4.0, 4.0 Terminal Server Edition and 2000 are all vulnerable, Microsoft said. The company has posted separate patches for each version here: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-024.asp.
- Microsoft Sews Patch for IE
- Microsoft, AOL IM Flaws Uncovered