Don's Pages and my Music

Monday, January 25, 2010

17 Year Old Windows Flaw Found

17-Year-Old Windows Flaw Found



Doug Caverly
Staff Writer
2010-01-20





Here's a little something to make people who are interested in security shudder: a vulnerability's been discovered, and believe it or not, it's present in just about every version of Windows from 1993's Windows NT 3.1 on.

17-Year-Old Windows Flaw Found
17-Year-Old Windows Flaw Found

Tavis Ormandy, who works for Google, appears to have discovered the issue sometime towards the middle of last year, and - after giving Microsoft more than a fair amount of time to deal with it (he notified the company in June) - wrote about it yesterday.

Apparently the fault lies with the Virtual DOS Machine, which comes with 32-bit versions of Windows for the sake of supporting 16-bit applications. And the problem amounts to a privilege escalation bug, which isn't the most benign thing in the world.

Read more...
http://www.securitypronews.com/insiderreports/insider/spn-49-2010012017YearOldWindowsFlawFound.html

Don

No comments:

Post a Comment