[ insider_reports_insider ]
Vista Open To Proof Of Concept Attack
David Utter
Staff Writer
2006-12-22
 Insider Reports RSS Feed
The public release of code that can escalate the privileges of a user with authenticated access to a Vista system has Microsoft tracking down a fix.
 | | Vista Open To Proof Of Concept Attack |  |
Crime doesn't take a holiday. Whether it's Uncle Joey clamping his fat mitts around the last drumstick at the holiday dinner table, or malicious coders looking for a way into an operating system, there's always something going on when people let their guard down.
Instead of battling turkey-thieving in-laws, the bright minds at the Microsoft Security Response Center will have to carve into yet another Microsoft-targeted threat. Mike Reavey posted more about this on the MSRC blog:
Aside from discussing the holidays, the reason I am dropping in on the blog is that right now we are closely monitoring developments related to a public posting of proof of concept code targeting an issue with the Client Server Run-Time Subsystem.
The PoC reportedly allows for local elevation of privilege on Windows 2000 SP4, Windows Server 2003 SP1, Windows XP SP1, Windows XP SP2 and Windows Vista operating systems. Initial indications are that in order for the attack to be successful, the attacker must already have authenticated access to the target system.
Of course these are preliminary findings and we have activated our emergency response process involving a multitude of folks who are investigating the issue in depth to determine the full scope and potential impact to Microsoft's customers.
Currently we have not observed any public exploitation or attack activity regarding this issue. While I know this is a vulnerability that impacts Windows Vista I still have every confidence that Windows Vista is our most secure platform to date.
The attendant problem with privilege elevation concerns internal users on a corporate network, where lots of sensitive information that would be made unavailable to non-privileged users could be exposed in such an attack.
Internal employees bearing a grudge or a need for cash could use such an exploit to tap into data, or render it useless. Privileged access can lead to problems when it is misued; the recent sentencing of Roger Duronio for his logic bomb attack at UBS PaineWebber came after his efforts cost the institution $3.1 million to fix the damage.
Outgoing Microsoft executive Jim Allchin has protested claims that current malware threats can compromise Vista. The new OS may be inherently safer than Windows 2000/XP/2003, but if someone can cobble together proof of concept code today, someone else can come along later and make something worse.
---
Tag: Vista
Add to  Del.icio.us |  Digg |  Reddit |  Furl
Get all the updates - 
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
