When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Vista Exploit Surfaces on Russian Hacker Site

Proof-of-concept exploit code for a privilege escalation vulnerability affecting all versions of Windows—including Vista—has been posted on a Russian hacker forum, forcing Microsoft to activate its emergency response process. Mike Reavey, operations manager of the Microsoft Security Response Center, confirmed that the company is "closely monitoring" the public posting, which first appeared on a Russian language forum on Dec. 15. It affects "csrss.exe," which is the main executable for the Microsoft Client/Server Runtime Server.

According to an alert cross-posted to security mailing lists, the vulnerability is caused by a memory corruption when certain strings are sent through the MessageBox API. "The PoC reportedly allows for local elevation of privilege on Windows 2000 SP4, Windows Server 2003 SP1, Windows XP SP1, Windows XP SP2 and Windows Vista operating systems," Reavey said in an entry posted late Dec. 21 on the MSRC blog.

"Initial indications are that in order for the attack to be successful, the attacker must already have authenticated access to the target system. Of course these are preliminary findings and we have activated our emergency response process involving a multitude of folks who are investigating the issue in depth to determine the full scope and potential impact to Microsoft's customers," Reavey added.

View: The full story
News source: eWeek News source: eWeek

Report a problem with article
Next Article

Microsoft offers Vista free to CES exhibitors

Previous Article

DirectX 10 will not take off until 2H 2007, says AMD

Join the conversation!

Login or Sign Up to read and post a comment.

19 Comments - Add comment