What was not supposed to happen in Windows Vista apparently has: Despite a layer of protection that was supposed to prevent against processes elevating their own privileges, Microsoft now says someone found a way to do it.
A Microsoft security bulletin written earlier this week but publicized this morning cites security software engineers SkyRecon Systems as having discovered a way for processes in both 32- and 64-bit versions of Windows Vista to elevate their own privilege to administrator level. This discovery would likely be the latest in several months to thwart the designs of PatchGuard, Microsoft's series of measures for innovating the design of the operating system kernel in the interest of thwarting the most common attacks that plagued Windows XP. Last February, PatchGuard was theoretically defeated, using methodology made public by, ironically, Symantec.
Microsoft has issued a security patch that addresses the ALPC issue.
News source: BetaNews
19 Comments - Add comment