Microsoft jumps on Windows XP vulnerability

By

Affects Server 2003.

Microsoft is investigating attacks against Windows XP and Server 2003 via a vulnerability which has been found to allow standard users to execute code in the kernel.

Microsoft jumps on Windows XP vulnerability

The local privilege escalation flaw does not permit remote code execution and works only in the old Windows offerings.

"The vulnerability is an elevation of privilege vulnerability. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights," Microsoft wrote in an advisory.

The FireEye researchers who discovered the flaw, Xiaobo Chen and Dan Caselden, said it was used in conjunction with a since-patched Adobe Reader exploit targeting versions 9.5.4, 10.1.6, 11.0.02 and prior. It could allow users to bypass the Adobe sandbox.

"The exploit produces shellcode which decoded a PE payload from the PDF, drops it in the temporary directory, and executes it," they wrote.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident

Log In

  |  Forgot your password?