In association with heise online

18 April 2008, 10:24

Elevation of privilege allowed by vulnerability in the Windows kernel

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Microsoft has issued a security advisory warning of a vulnerability in the Windows kernel using which logged-in users can elevate their privileges on the system and so take control of it. Windows XP Professional with Service Pack 2, Vista, Server 2003 and Server 2008 are affected.

Server operators such as hosting providers who permit the execution of user code within IIS and SQL Server are reported to be particularly vulnerable.

Microsoft has not yet given details of the vulnerability, and is still investigating the problem. In its security advisory, it does however give instructions to server operators to protect themselves against exploitation of the hole. It is still not clear when a patch for the hole will appear.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit