Microsoft Patch Fixes Windows Debugger Flaw | eWeek

Microsoft Patch Fixes Windows Debugger Flaw

Verfasst von
Dennis Fisher
Dennis Fisher
May 23, 2002
1 minute read
eWeek Inhalte und Produktempfehlungen sind redaktionell unabhängig. Wir können Geld verdienen, wenn Sie auf Links zu unseren Partnern klicken. Mehr erfahren

Microsoft Corp. on Wednesday released a patch for a new critical flaw in the debugger service in Windows NT and 2000 that enables an attacker to gain complete access to a vulnerable machine.

The Redmond, Wash., company says there is a flaw in the authentication mechanism in the debugging program that allows unauthorized programs to gain access to the debugger. The attacker could then use the debugger to cause a running program to start another program of his choosing.

The debugger is used to diagnose and analyze problems with programs as they are running, and as such, has the capability of taking control of other applications. The debugger can also issue commands to other applications, including the order to start other programs.

In its bulletin, Microsoft warns that because many programs run as the operating system, an attacker could execute code with the privileges of the OS.

Windows NT 4.0, 4.0 Terminal Server Edition and 2000 are all vulnerable, Microsoft said. The company has posted separate patches for each version here: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-024.asp.

Related stories:

  • Microsoft Sews Patch for IE
  • Microsoft, AOL IM Flaws Uncovered
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Eigentum von TechnologyAdvice. © 2026 TechnologyAdvice. Alle Rechte vorbehalten

Werbetreibenden-Offenlegung: Einige der auf dieser Website erscheinenden Produkte stammen von Unternehmen, von denen TechnologyAdvice eine Vergütung erhält. Diese Vergütung kann beeinflussen, wie und wo Produkte auf dieser Website erscheinen, einschließlich beispielsweise der Reihenfolge, in der sie erscheinen. TechnologyAdvice schließt nicht alle Unternehmen oder alle auf dem Marktplatz verfügbaren Produkttypen ein.