Microsoft warns of Windows 2000 security hole

[InfoSec News <isn () C4I ORG>]

http://www.zdnet.co.uk/news/2001/8/ns-21265.html

Will Knight
Wed, 28 Feb 2001

Flaw allows a user to gain new privileges on a computer network

Security experts have discovered a fault in Microsoft's flagship
operating system Windows 2000 that could allow a malicious user to
hijack a system and perform any operation they wish.

The flaw with the Windows 2000 Event Viewer -- which logs details of
activity on a Windows 2000 system -- could allow an ordinary user to
carry out privileged system commands, Microsoft has confirmed.

Exploiting the vulnerability, a malicious user could write a specially
formatted event to the Event Viewer, which would execute unauthorised
code when the log is next viewed. If the next user to view the log is
an administrator, super-user commands can be carried out.

The one mitigating aspect of the vulnerability is that the malicious
user must already have access to a target computer system.

"It is not as significant as a wide-ranging vulnerability that could
be exploited remotely," said Ian Peacock, security consultant with
Swedish computer security firm Defcom. "But companies definitely need
to patch this."

Microsoft has issued an alert and a patch for the problem available
at: http://www.microsoft.com/technet/security/bulletin/MS01-013.asp.

Microsoft said that the affected systems are Windows 2000
Professional, Windows 2000 Server, Windows 2000 Advanced Server and
Windows 2000 Datacenter Server.

This is just the latest security flaw to affect Microsoft. A major
vulnerability was recently discovered with the software giant's
leading email client Outlook.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".