RealTime IT News

Beware That Windows Error Message

Microsoft on Thursday warned of a buffer overrun vulnerability in the way the Windows kernel passes error messages to a debugger and issued a security patch to plug the holes on Windows NT 4.0, Windows 2000 and Windows XP systems.

The vulnerability alert included a warning that an intruder could use the flaw to elevate privileges and a recommendation that sysadmins running susceptible systems install the patch immediately.

The vulnerability carries an 'important' rating, Microsoft's second highest on a four-level scale introduced late last year.

The software giant said the vulnerability exists because an attacker could write a program to exploit this flaw and run code of his or her choice. "An attacker could exploit this vulnerability to take any action on the system including deleting data, adding accounts with administrative access, or reconfiguring the system," it cautioned.

For an attack to succeed, an intruder would need to be able to logon interactively to the system, either at the console or through a terminal session. A successful attack would also require the introduction of code in order to exploit this vulnerability.

"Because best practices recommends restricting the ability to logon interactively on servers, this issue most directly affects client systems and terminal servers," Microsoft added.

"Standard best practices recommend only allowing trusted administrators to log onto such systems interactively; without such privileges, an attacker could not exploit the vulnerability," the company said.