Windows NT flaw found after 17 years
A CRITICAL FLAW has been found in the Windows NT trap handler that makes all Windows machines wide open to hackers. The problem has been a feature of every Windows system for the last 17 years and no one has noticed.According to Full Disclosure, the security hole in Windows allows users with restricted access to escalate their privileges to system level.
It can be done on all 32-bit versions of Windows from Windows NT 3.1 to Windows 7. This is not likely to bother consumers much, but corporate IT managers will be wetting themselves.
The problem is caused by flaws in the Virtual DOS Machine (VDM) that was fitted under the bonnet of Windows NT in 1993 to support 16-bit applications. The VDM is based on the Virtual 8086 Mode (VM86) in 80386 processors and, among other things, intercepts hardware routines such as BIOS calls.
Google security team member Tavis Ormandy worked out how an unprivileged 16-bit program can manipulate the kernel stack of each process and this can enable an attacker to execute code at the system privilege level.
To make matters worse he published a sample exploit that runs under Windows XP, Windows Server 2003 and 2008, Windows Vista and Windows 7. It opens a command prompt in the system context, which has the highest privilege level, under Windows XP and Windows 7.
Reference from Indexed sites
It can be done on all 32-bit versions of Windows from Windows NT 3.1 to Windows 7. This is not likely to bother consumers much, but corporate IT managers will be wetting themselves.
The problem is caused by flaws in the Virtual DOS Machine (VDM) that was fitted under the bonnet of Windows NT in 1993 to support 16-bit applications. The VDM is based on the Virtual 8086 Mode (VM86) in 80386 processors and, among other things, intercepts hardware routines such as BIOS calls.
Google security team member Tavis Ormandy worked out how an unprivileged 16-bit program can manipulate the kernel stack of each process and this can enable an attacker to execute code at the system privilege level.
To make matters worse he published a sample exploit that runs under Windows XP, Windows Server 2003 and 2008, Windows Vista and Windows 7. It opens a command prompt in the system context, which has the highest privilege level, under Windows XP and Windows 7.
Reference from Indexed sites
posted by ●๋є∂ιtoя● at
4:28 AM
1 Comments:
Good day, sun shines!
There have been times of troubles when I felt unhappy missing knowledge about opportunities of getting high yields on investments. I was a dump and downright stupid person.
I have never imagined that there weren't any need in big starting capital.
Nowadays, I'm happy and lucky , I begin to get real money.
It's all about how to select a correct companion who utilizes your money in a right way - that is incorporate it in real deals, and shares the income with me.
You can ask, if there are such firms? I'm obliged to answer the truth, YES, there are. Please get to know about one of them:
http://theinvestblog.com [url=http://theinvestblog.com]Online Investment Blog[/url]
Post a Comment
Subscribe to Post Comments [Atom]
<< Home