Windows Security Update Targets Elevation of Privilege Attacks

Microsoft is continuing its investigation into a vulnerability that could allow hackers to gain superuser privileges on various flavors of the Windows OS.

Microsoft this week is continuing its ongoing investigation into what it calls "new public reports" of a vulnerability that could allow hackers to gain superuser privileges through LocalSystem in Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008.

Redmond late last week issued a Security Advisory adding Windows XP Professional Service Pack 3 to the list of affected software. The advisory provides IT pros with some guidance and workarounds to help avoid a vulnerability that may allow elevation-of-privilege attacks.

The software giant said it is considering other actions, including the provision of a "security update" via its monthly Patch Tuesday security rollout.

This latest update involves a highly technical attack vector similar in scope to a patch released in last April's slate, where a local privilege-escalation vulnerability affected the Windows kernel due to improper validation of user-mode input. In the same manner, with this advisory, an attacker who has gained local access can change user parameters and exploit this issue to execute code with elevated permissions.

Microsoft said in its advisory that administrators that allow customized code to "run in an authenticated context, such as within Internet Information Services (IIS) and SQL Server," should take a look at the advisory.

Off-site server hosting providers running Windows programs may also face increased risk, Microsoft added.

Potential workarounds include log-in and process monitoring specifically in Internet Information Services. Administrators can do this by creating a Worker Process Identity through the ISS manager function in Windows. The same can be done in SQL Server with the database administrator keeping track of users and changes to fields and access privileges.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.


  • Microsoft Adding Google G Suite Migration in Exchange Admin Center

    Microsoft's Exchange Admin Center will be getting the ability to move Google G Suite calendar, contacts and e-mail data over to the Office 365 service "in the coming weeks."

  • Qualcomm Back in Datacenter Fray with AI Chip

    The chip maker joins a crowded field of vendors that are designing silicon for processing AI inference workloads in the datacenter.

  • Microsoft To Ship Surface Hub 2S Conference Device in June

    Microsoft on Wednesday announced a June U.S. ship date for one of its Surface Hub 2S conferencing room products, plus a couple of other product milestones.

  • Kaspersky Lab Nabs Another Windows Zero-Day

    Kaspersky Lab this week described more about a zero-day Windows vulnerability (CVE-2019-0859) that its researchers recently discovered, and how PowerShell was used by the exploit.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.