
Microsoft acknowledges vulnerability in Vista

Exploit code released on Client/Server Runtime Server Subsystem

By Jeremy Kirk
December 22, 2006 12:00 PM ET

IDG News Service - A vulnerability that affects four versions of Microsoft Corp.'s operating system, including Vista, doesn't appear to pose a great risk, according to one security vendor.

Microsoft's security blog said proof-of-concept code that targets the Client/Server Runtime Server Subsystem has been publicly released. The CSRSS performs functions such as launching and closing applications.

A user could launch malicious code within the CSRSS that would elevate his privileges on a computer, such as going from an ordinary user to an administrator, said Thomas Kristensen, chief technology officer at Secunia ApS in Denmark.

To execute the attack, however, a user would already have to be logged onto a machine or have gained access to the network some other way, Kristensen said. Because of this, Secunia rated the vulnerability as "less critical," he said.

Still, the flaw could potentially let an attacker place a rootkit on a machine and scrub any trace of tampering with the machine, Kristensen said.

"It's still a significant vulnerability which administrators should pay a whole lot of attention to," he said.

Microsoft said it has not heard of any attacks using the vulnerability, but it is investigating the potential impact. The affected systems are Windows 2000 Service Pack 4, Windows Server SP1, Windows XP SP2 and Vista, Microsoft said.

Reprinted with permission from Story copyright 2014 International Data Group. All rights reserved.