IDG News Service - A vulnerability that affects four versions of Microsoft Corp.'s operating system, including Vista, doesn't appear to pose a great risk, according to one security vendor.
Microsoft's security blog said proof-of-concept code that targets the Client/Server Runtime Server Subsystem has been publicly released. The CSRSS performs functions such as launching and closing applications.
A user could launch malicious code within the CSRSS that would elevate his privileges on a computer, such as going from an ordinary user to an administrator, said Thomas Kristensen, chief technology officer at Secunia AsP in Denmark.
To execute the attack, however, a user would already have to be logged onto a machine or have gained access to the network some other way, Kristensen said. Because of this, Secunia rated the vulnerability as "less critical," he said.
Still, the flaw could potentially let an attacker place a rootkit on a machine and scrub any trace of tampering with the machine, Kristensen said.
"It's still a significant vulnerability which administrators should pay a whole lot of attention to," he said.
Microsoft said it has not heard of any attacks using the vulnerability, but it is investigating the potential impact. The affected systems are Windows 2000 Service Pack 4, Windows Server SP1, Windows XP SP2 and Vista, Microsoft said.
Free Insider Guide
Our weekly newsletter will cover a wide range of topics and trends related to consumerization. Stay up to date with news, reviews and in-depth coverage of BYOD, smartphones, tablets, MDM, cloud, social and how consumerization affects IT. Subscribe now!
Copyright © 1994 - 2013 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
