17-Year-Old Windows Flaw Found
Staff Writer
2010-01-20
Here's a little something to make people who are interested in security shudder: a vulnerability's been discovered, and believe it or not, it's present in just about every version of Windows from 1993's Windows NT 3.1 on.
| 17-Year-Old Windows Flaw Found |
Tavis Ormandy, who works for Google, appears to have discovered the issue sometime towards the middle of last year, and - after giving Microsoft more than a fair amount of time to deal with it (he notified the company in June) - wrote about it yesterday.
Apparently the fault lies with the Virtual DOS Machine, which comes with 32-bit versions of Windows for the sake of supporting 16-bit applications. And the problem amounts to a privilege escalation bug, which isn't the most benign thing in the world.
Read more...
http://www.securitypronews.com/insiderreports/insider/spn-49-2010012017YearOldWindowsFlawFound.html
Don
No comments:
Post a Comment