It appears you have not yet registered with our community. To register please click here...

 
Go Back [M] > Madshrimps > WebNews
Flaw in all Windows versions allows highest privilege level for 16-bit applications Flaw in all Windows versions allows highest privilege level for 16-bit applications
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read


Flaw in all Windows versions allows highest privilege level for 16-bit applications
Reply
 
Thread Tools
Old 20th January 2010, 15:58   #1
Madshrimp
 
jmke's Avatar
 
Join Date: May 2002
Location: 7090/Belgium
Posts: 78,611
jmke has disabled reputation
Default Flaw in all Windows versions allows highest privilege level for 16-bit applications

The problem is caused by flaws in the Virtual DOS Machine (VDM) that was fitted under the bonnet of Windows NT in 1993 to support 16-bit applications. The VDM is based on the Virtual 8086 Mode (VM86) in 80386 processors and, among other things, intercepts hardware routines such as BIOS calls.

Google security team member Tavis Ormandy worked out how an unprivileged 16-bit program can manipulate the kernel stack of each process and this can enable an attacker to execute code at the system privilege level.

To make matters worse he published a sample exploit that runs under Windows XP, Windows Server 2003 and 2008, Windows Vista and Windows 7. It opens a command prompt in the system context, which has the highest privilege level, under Windows XP and Windows 7.

http://www.theinquirer.net/inquirer/...t-windows-flaw
__________________
jmke is offline   Reply With Quote
Reply


Similar Threads
Thread Thread Starter Forum Replies Last Post
Microsoft warns of TLS/SSL flaw in Windows jmke WebNews 0 10th February 2010 13:28
Microsoft Patch Tuesday: 5 Criticals, 2 Important, 1 Moderate Patch jmke WebNews 0 14th April 2009 18:47
Microsoft Security Bulletin Summary for September 2008 jmke WebNews 0 9th September 2008 19:20
Microsoft Security Bulletin Summary for August 2007 jmke WebNews 0 14th August 2007 22:21
IE flaw puts Windows XP SP2 at risk Sidney WebNews 3 6th February 2007 17:25
Microsoft Security Bulletin Summary for June 2006 jmke WebNews 0 14th June 2006 20:51
Microsoft Unveils Windows Vista Product Lineup - 6 versions jmke WebNews 0 27th February 2006 12:24
Windows Firewall flaw may hide open ports Sidney WebNews 0 2nd September 2005 05:55
Windows flaw reaches beyond XP Sidney WebNews 0 19th July 2005 00:05
List of fixes included in Windows XP Service Pack 2 jmke WebNews 1 17th August 2004 15:03

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


All times are GMT +1. The time now is 14:45.


Powered by vBulletin® - Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO