[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
Details: <paste> This Windows security flaw is based on the Windows debugging system which is accessible for all local users. A local user is able to get a handle to a process which is being run with administrative privileges and he/she can eventually run arbitrary code as administrator.<snip>
And for those interested in how to pull this off, just look for DebPloit. You'll find the source code for this one after about 2 minutes of googling. The only fix for this at the moment, is a 3rd party fix, and patching windows with a 3rd party fix scares me. Enjoy, -- ----------------------------------------------------------------- Ian Christian E-Mail: pookey at pookey dot co dot uk Tech Officer for Termisoc PGP Key ID: 0xD09C10ED ----------------------------------------------------------------- GCC d s: a-- C+++ UL++ P+ !E W++ N+ w M-- PS PGP+ t+ e>++ h+ z** -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.