Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - New Windows service ACL security advisory released (914457) InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

New Windows service ACL security advisory released (914457)

Published: 2006-02-08
Last Updated: 2006-02-08 02:34:02 UTC
by Jason Lam (Version: 1)
0 comment(s)
Microsoft has released a new security advisory on overly permissive ACLs on Windows services. Exploitation of the vulnerability can lead to escalation of privilege on the local machine. XP SP1 and 2K3 (without SP) are identified to be vulnerable.

MS advisory: http://www.microsoft.com/technet/security/advisory/914457.mspx

This issue seems to be the same as the one reported few days ago. Look here for more details.

------------
Jason Lam
Keywords:
0 comment(s)
Diary Archives