News

Microsoft Issues Alert on Windows Kernel Bug

On the eve of releasing an out-of-band Internet Explorer patch, Microsoft issued a new security advisory involving an obscure Windows kernel bug.

According to the advisory, an elevation of privilege exploit has been present in all 32-bit Windows versions since Windows NT. Possibly, this bug has been accessible for about 17 years, although someone exploiting it would need a network account to accomplish the deed.

The advisory says the bug affects Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 and Windows 7.

"Microsoft is investigating new public claims of a possible vulnerability in Windows," wrote Jerry Bryant, Microsoft's senior security program manager, in an e-mailed statement. "We are currently not aware of active attacks against this vulnerability and believe risk to customers, at this time, is limited."

Bryant added that to exploit this vulnerability, an attacker must "already have valid logon credentials and be able to log on to a system locally." The attacker would need to have an account established on the system and then run a program to take advantage of the flaw. Possibly, it might be exploited by a company insider or someone already trusted.

In any case, the attacker could elevate his privileges on the network to the administrative level, Bryant said.

The bug is based on the MS DOS system, first introduced in 1993. Computers using Windows for x64-based and Itanium systems aren't affected. Microsoft describes a workaround in the security advisory that will prevent access to 16-bit applications as a consequence of avoiding the bug.

Microsoft plans to "provide a security update on an upcoming Patch Tuesday release," according to the security advisory.

Google security team member Tavis Ormandy, who publicized the bug, said in numerous reports that he informed Microsoft of this hole on June 12, 2009. Security experts have noted the long time it has taken for Microsoft to respond. However, to Microsoft's credit, it has dealt with more than 80 vulnerabilities affecting Windows through 2009.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • Salesforce Buying Slack for $27 Billion To Bolster CRM Solution

    Salesforce on Tuesday announced the purchase of collaboration software-maker Slack for an estimated $27.7 billion.

  • Dark City Illustration

    The Night the Lights Went Out in the Cloud: Lessons from the AWS Outage

    Last week's AWS outage that broke the Internet showed how critical it is to build applications that can withstand transient failure. Here's what you need to know to design a resilient cloud app (and it doesn't involve multicloud).

  • 5 Steps To Fix Windows Indexing Problems

    The Windows indexing feature doesn't always deliver the correct results of a file search. Here are five troubleshooting steps you can take whenever Windows indexing acts up.

  • Microsoft Adding Simpler Microsoft 365 Admin Center Option for Small Businesses

    The Microsoft 365 Admin Center, used for setting up and managing various Microsoft services, is getting a more lightweight interface designed for "very small businesses," according to a Tuesday Microsoft announcement.

comments powered by Disqus