Skip navigation

Authentication Flaw in Windows Debugger

Reported May 22, 2002, by Microsoft.

VERSIONS AFFECTED

 

·         Microsoft Windows 2000

·         Microsoft Windows NT 4.0

·         Microsoft Windows NT 4.0 Server, Terminal Server Edition

 

DESCRIPTION

A vulnerability exists in the authentication mechanism of the Win2K and NT 4.0 debugging facility that can let an unauthorized program gain access to the debugger. An attacker can use this vulnerability to cause a running program to execute a program of the attacker’s choice under the system security context.

 

VENDOR RESPONSE

The vendor, Microsoft, has released Security Bulletin MS02-024 to address these vulnerabilities and recommends that affected users apply the appropriate patch listed in the bulletin.

 

CREDIT
Discovered by Microsoft.

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish