Re: EEYE: Windows VDM #UD Local Privilege Escalation

[KF_lists <kf_lists () secnetops com>]

ISS would like to have you believe otherwise...  when I contacted them 
about the Local SYSTEM escalation in BlackICE we went in circles over 
the fact that I feel that taking local SYSTEM on a win32 box IS a 
problem and they don't. They tryed to say some crap like "in all our 
years in the industry we have never had a customer state that local 
windows security was a concern... blah blah (paraphrasing)". And 
something along the lines of "Windows is not a true multi-user system 
(like unix) so local escalation means nothing."

-KF

 > Also, at least in MS Windows, it's my personal feeling that local
> privilege escalation issues (particularly escalation to kernel or system 
> status) should be critical issues.  Whether people can run arbitrary 
> code on MS Windows systems these days isn't an exercise for the mind 
> anymore, it's an exercise of "go look at your neighbors computer and see 
> that it's done regularly".

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html