Madshrimps Forum Madness

Madshrimps Forum Madness (https://www.madshrimps.be/vbulletin/)
-   WebNews (https://www.madshrimps.be/vbulletin/f22/)
-   -   Flaw in all Windows versions allows highest privilege level for 16-bit applications (https://www.madshrimps.be/vbulletin/f22/flaw-all-windows-versions-allows-highest-privilege-level-16-bit-applications-69306/)

jmke 20th January 2010 16:58

Flaw in all Windows versions allows highest privilege level for 16-bit applications
 
The problem is caused by flaws in the Virtual DOS Machine (VDM) that was fitted under the bonnet of Windows NT in 1993 to support 16-bit applications. The VDM is based on the Virtual 8086 Mode (VM86) in 80386 processors and, among other things, intercepts hardware routines such as BIOS calls.

Google security team member Tavis Ormandy worked out how an unprivileged 16-bit program can manipulate the kernel stack of each process and this can enable an attacker to execute code at the system privilege level.

To make matters worse he published a sample exploit that runs under Windows XP, Windows Server 2003 and 2008, Windows Vista and Windows 7. It opens a command prompt in the system context, which has the highest privilege level, under Windows XP and Windows 7.

http://www.theinquirer.net/inquirer/...t-windows-flaw


All times are GMT +1. The time now is 19:14.

Powered by vBulletin® - Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO