Microsoft's Buggy DebuggerMicrosoft's Buggy Debugger
There's a ''critical'' security flaw in a Microsoft debugging app.
May 23, 2002
Microsoft says the debugging app found in Windows NT 4 Server and Windows 2000 contains a "critical" flaw. Under certain circumstances, the flaw could enable a hacker to circumvent the authentication system used by the debugger, take control of an app and possibly launch others, according to a Microsoft security bulletin. Attackers could take any action on the system, including deleting data, adding administration accounts, or reconfiguring the hijacked system.
The likelihood of a successful attack, Microsoft says, is mitigated because the attacker would have to log on the system, either at the keyboard or through a terminal session. More details, including an available patch to fix the flaw, are available athttp://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-024.asp
About the Author(s)
You May Also Like