Microsoft Warns of Bug in Windows Kernel -- Redmondmag.com

Microsoft Issues Alert on Windows Kernel Bug

By Jabulani Leffall
01/21/2010

On the eve of releasing an out-of-band Internet Explorer patch, Microsoft issued a new security advisory involving an obscure Windows kernel bug.

According to the advisory, an elevation of privilege exploit has been present in all 32-bit Windows versions since Windows NT. Possibly, this bug has been accessible for about 17 years, although someone exploiting it would need a network account to accomplish the deed.

The advisory says the bug affects Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 and Windows 7.

"Microsoft is investigating new public claims of a possible vulnerability in Windows," wrote Jerry Bryant, Microsoft's senior security program manager, in an e-mailed statement. "We are currently not aware of active attacks against this vulnerability and believe risk to customers, at this time, is limited."

Bryant added that to exploit this vulnerability, an attacker must "already have valid logon credentials and be able to log on to a system locally." The attacker would need to have an account established on the system and then run a program to take advantage of the flaw. Possibly, it might be exploited by a company insider or someone already trusted.

In any case, the attacker could elevate his privileges on the network to the administrative level, Bryant said.

The bug is based on the MS DOS system, first introduced in 1993. Computers using Windows for x64-based and Itanium systems aren't affected. Microsoft describes a workaround in the security advisory that will prevent access to 16-bit applications as a consequence of avoiding the bug.

Microsoft plans to "provide a security update on an upcoming Patch Tuesday release," according to the security advisory.

Google security team member Tavis Ormandy, who publicized the bug, said in numerous reports that he informed Microsoft of this hole on June 12, 2009. Security experts have noted the long time it has taken for Microsoft to respond. However, to Microsoft's credit, it has dealt with more than 80 vulnerabilities affecting Windows through 2009.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

What's Inside Microsoft 365's Security Toolbox?

Microsoft provides plenty of native tools to secure Microsoft 365. IT pros just have to know where to look.
Microsoft Kills 30-Day Data Retention Policy for Copilot in Fabric

Microsoft this week announced several usability improvements coming to Copilot in Fabric in preparation of its general availability release later this year.
Using Microsoft Office to Build a Network Diagram 2

Now that we've set up our process, let's dig in with the actual execution.
Microsoft Graph 'Activity Logs' Feature Goes Live

Microsoft announced the general availability of the "activity logs" capability in Microsoft Graph, giving administrators more options to track user activity and identify patterns of potential misuse.
Fallout from Microsoft's 'Midnight Blizzard' Saga Hits Feds

When the Russian attack group Midnight Blizzard successfully breached Microsoft corporate e-mail accounts late last year, it apparently managed to steal U.S. government agency e-mails, too.