Microsoft has released a security bulletin alerting customers to a privilege escalation vulnerability in its latest and greatest operating systems. Yes, the ones re-built from the ground up for heightened security. Whoops.The bug occurs when you enable Microsoft's IIS webserver, or if you install the SQL database engine. When exploited, any code run under the IIS or SQL user can be instantly and invisibly upgraded to run under the LocalSystem account – which allows for modification to any file on the computer. Game over, basically.
http://www.bit-tech.net/news/2008/04/21/microsoft_warns_of_windows_flaw/1
Subscribe to:
Post Comments (Atom)
1 comment:
I have Windows Vista, and although it's a neat change from previous versions, it's already crashed on me with the blue screen of death a few times... I can only hope the fatal errors get remedied soon.
Post a Comment