Microsoft's Buggy Debugger

There's a ''critical'' security flaw in a Microsoft debugging app.
Microsoft says the debugging app found in Windows NT 4 Server and Windows 2000 contains a "critical" flaw. Under certain circumstances, the flaw could enable a hacker to circumvent the authentication system used by the debugger, take control of an app and possibly launch others, according to a Microsoft security bulletin. Attackers could take any action on the system, including deleting data, adding administration accounts, or reconfiguring the hijacked system.

The likelihood of a successful attack, Microsoft says, is mitigated because the attacker would have to log on the system, either at the keyboard or through a terminal session.

More details, including an available patch to fix the flaw, are available at