April 11, 2002
Over a month has passed since Radim Picha reported a serious security flaw he found in Windows 2000 / Windows NT to Microsoft, and still there's no fix available - at least from Microsoft.
Picha posted the alert to the NTBugtraq list on the 14th of March, and also included a link to a zip file that contains complete source code that demonstrates the problem, as well as text files that explain how the exploit works.
The exploit is known as DebPloit, and it allows any user to obtain a handle to any process or thread. These handles carry enough access to promote any user to system/admin privileges (when the target is running under the LocalSystem or an Administrator account). So even a user logged in under the Guest account could obtain Admin rights.
Microsoft says that they are working on a fix, but no date for its availability is given.