Linked by Thom Holwerda on Wed 20th Jan 2010 22:45 UTC, submitted by kragil
I guess it's Windows-flaw-week or something. First, we had the Internet Explorer vulnerability used in the Google attack, and now we have a bug that's been sitting undetected in Windows NT for 17 years. The bug can be used to escalate privileges, but from what I understand, it only works locally (although that isn't made clear).
Thread beginning with comment 405460
Andre Member since:
2005-07-06

This bug was introduced in the early days of Windows NT. In that time, according to what I have read, the policy wasn't as strict as it is nowadays. So, I can imagine, if the bug was introduced in that early stage, that no one would have known about it years later.

Reply Parent Score: 1

f0dder Member since:
2009-08-05

So, I can imagine, if the bug was introduced in that early stage, that no one would have known about it years later.
Exactly.

I don't find it unlikely that NTVDM has sat pretty much untouched since NT4 - it's not the kind of subsystem that's going to need a lot of updates, since the stuff it supports is pretty much feature-frozen... and it's not the first place you'd expect to be exploitable, since the CPU handles most of the encapsulation via V86 mode.

And the exploit is nontrivial, pretty interesting piece of code ;)

Reply Parent Score: 1
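The thread above turns on whether the 16-bit NTVDM subsystem is even reachable on a given host. The script below is an added example, not code from the OSNews thread or its commenters: it reports whether ntvdm.exe is present, whether the machine is 64-bit Windows (which ships no 16-bit subsystem), and whether the "Prevent access to 16-bit applications" policy has switched NTVDM off, and it offers a helper to set that policy. The registry location and the VDMDisallowed value name are assumptions about how that policy is stored; check them against your own environment before relying on the result.

```powershell
# Added example, not from the thread or from Microsoft.
# Assumption: the "Prevent access to 16-bit applications" policy is stored as
# HKLM\SOFTWARE\Policies\Microsoft\Windows\AppCompat\VDMDisallowed (REG_DWORD, 1 = off).

$script:NtvdmPolicyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppCompat'

function Get-NtvdmStatus {
    # A 32-bit PowerShell running under WOW64 sets PROCESSOR_ARCHITEW6432, so
    # checking both variables identifies a 64-bit OS regardless of process bitness.
    $is64BitOS = ($env:PROCESSOR_ARCHITECTURE -ne 'x86') -or
                 (-not [string]::IsNullOrEmpty($env:PROCESSOR_ARCHITEW6432))

    # ntvdm.exe only ships with 32-bit Windows; on x64 there is no 16-bit subsystem.
    $ntvdmBinary = Test-Path (Join-Path $env:SystemRoot 'System32\ntvdm.exe')

    # Policy value: $null when the key or value does not exist (policy not set).
    $policyValue = $null
    if (Test-Path $script:NtvdmPolicyPath) {
        $item = Get-ItemProperty -Path $script:NtvdmPolicyPath -Name 'VDMDisallowed' `
                                 -ErrorAction SilentlyContinue
        if ($item) { $policyValue = [int]$item.VDMDisallowed }
    }

    [pscustomobject]@{
        Is64BitOS      = $is64BitOS
        NtvdmBinary    = $ntvdmBinary
        PolicyValue    = $policyValue
        # Reachable only on 32-bit Windows that has the binary and no disabling policy.
        NtvdmReachable = (-not $is64BitOS) -and $ntvdmBinary -and ($policyValue -ne 1)
    }
}

function Disable-Ntvdm {
    # Requires an elevated prompt; creates the policy key if it is missing.
    if (-not (Test-Path $script:NtvdmPolicyPath)) {
        New-Item -Path $script:NtvdmPolicyPath -Force | Out-Null
    }
    Set-ItemProperty -Path $script:NtvdmPolicyPath -Name 'VDMDisallowed' `
                     -Value 1 -Type DWord
    Get-NtvdmStatus
}

# Usage: show the current state; run Disable-Ntvdm from an elevated shell to turn the subsystem off.
Get-NtvdmStatus | Format-List
```

Because the policy is read by the 16-bit loader rather than by any service, the change takes effect for new processes without a reboot, but sessions that already have an ntvdm.exe running keep it until that process exits.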