Microsoft Admits Defeat: Vista Kernel Flaw Could Allow Elevation Of Privileges
One of Microsoft's latest security bulleting warns about a flaw that would allow processes to elevate elevating their own privileges, a thing that was supposed to be impossible up till now.
December 17, 2007
“An elevation of privilege vulnerability exists in the way that the Windows kernel processes certain access requests. This vulnerability could allow an attacker to run code and to take complete control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights,” the statement reads.
Microsoft would not go into further details, for obvious security reasons. However, reports from SkyRecon Systems have it that it has something to do with the Advanced Local Procedure Call (ALPC) system.
"Windows Vista includes many new enhancements and features which improve the overall operating system security,” said Thomas Garnier, Senior Research Engineer at SkyRecon Systems Inc. “During our ongoing research in the Windows Vista kernel and the ALPC interface, we found an important vulnerability which could be used to gain privilege and then execute code in the Vista kernel."
A patch for the ALPC problem is available here.