Search Perform an advanced search query SOFTPEDIA
 
SOFTPEDIA
Updated one minute ago
HomeSubmit a program for being reviewedAdvertise on our websiteGet help on surfing our websitesSend us your feedbackGet information about our XML/RSS backend and how to use itBrowse the news archiveVisit our discussion forumVizitati forumul in limba romana



KLIP
  1. HOME
  2. SCIENCE
  3. TECHNOLOGY
  4. WEBMASTER
  5. SECURITY
  6. MICROSOFT
  7. LINUX
  8. APPLE
  9. GAMES
  10. TELECOMS
  11. REVIEWS
  12. LIFE & STYLE
  13. EDITORIALS
  14. INTERVIEWS
  15. RSS
Welcome!
Hello, Guest

Login if you have a Softpedia.com account.

Otherwise, register for one.

MICROSOFT

Symantec Explains the Vista CSRSS Vulnerability

- Arbitrary code execution is a possibility

By: Marius Oiaga, Technology News Editor

Exploit code for a vulnerability in the Client Server Run-Time Subsystem impacting the Windows 2000 SP4, Windows Server 2003 SP1, Windows XP SP1, Windows XP SP2 and Windows
Vista operating systems has been available since December 20, 2006. On the very same day, Microsoft has confirmed the Windows MessageBox Vulnerability and revealed that the Proof-of-Concept allows for local elevation of privilege. According to security vendor McAfee, PoC has been published in the wild on 29 and 31 December 2007.

Peter Ferrie, Senior Principal Software Engineer Symantec Security Response, has commented on the double-free bug in a CSRSS message function, confirming the fact that the flaw indeed impacts Windows Vista, but not in a reliable manner.

"Of course, that the bug isn't reliable on Vista doesn't mean that everyone can relax. The bug does affect earlier versions of Windows, where arbitrary code execution is far easier to achieve. Is it likely to be exploited? Oh yes," predicted Ferrie.

Ferrie explained that although a successful exploit of the Windows MessageBox Vulnerability will most likely produce a denial of service, the execution of arbitrary code cannot be ruled out.

"Why the fuss? Simply put, successful exploitation of the bug allows even the most restricted user-mode application to elevate its privileges to the System level. From there, the kernel is accessible even on Vista. Even without entering the kernel, System-level privileges allow almost complete control of the system, so the possibilities are limited only by the imagination," commented Ferrie.

MORE RELATED ARTICLES: Medium Rating for Vista MessageBox Vulnerability Vista Puerile Commercials Episode 2 and 3 Texas Hold ‘Em in Windows Vista Vista Will Not Guarantee Protection against Malware Search in Windows Vista Swap the Behavior of the Windows Vista Power Button Windows Vista Migration Software Zip and Unzip in Windows Vista Microsoft Still Supports Windows Vista Beta Life After Windows Vista
 
Comments | Link here | Subscribe
Print | Send to friend
Today's News | Yesterday's News

Search:

6th January 2007, 10:45 GMT | Copyright (c) 2007 Softpedia | Contact:
Read by 1,886 user(s) | Rating: | 7 vote(s) so far | Cast your vote:
Symantec Explains the Vista CSRSS Vulnerability - USER OPINIONS




We are sorry, there are no opinions available for this article.


SHARE YOUR OPINION ABOUT Symantec Explains the Vista CSRSS Vulnerability

Since you are not logged on, your comments will have to be approved before being displayed.
Click here to login, or register.
Your Name:
Your Email:
Type in the result:
Your Opinion:
 


DO YOU WANT TO CONTACT US?  

If you have some comments or you want to send us some information you can send us an email directly to .
You can use the form below for the same purpose.
Your full name: (at least 3 characters)
Your email address: (at least 5 characters)
Message subject: (at least 5 characters)
Message text:
(at least 10 characters)
Type in the result:
 
 
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and Softpedia™ logo are registered trademarks of SoftNews NET SRL.
Copyright Information | Privacy Policy | Terms of Use | Contact Softpedia | Update your software | Archive