REDMOND, Wa – A flaw in Microsoft’s flagship operating system Windows 2000, discovered by Blake Watts of Guardent, allows a user to gain new privileges on a computer network. The flaw in the Windows 2000 Event Viewer, which logs details of activity on a Windows 2000 system, could allow an ordinary user to carry out privileged system commands, Microsoft has confirmed.
Exploiting the vulnerability, a malicious user could write a specially formatted event to the Event Viewer, which would execute unauthorised code when the log is next viewed. If the next user to view the log is an administrator, super-user commands can be carried out.
The one mitigating aspect of the vulnerability is that the malicious user must already have access to a target computer system.
According to computer experts, it is not as significant as a wide-ranging vulnerability that could be exploited remotely, but companies definitely need to patch this. Recommendation: System administrators should install the patch on all critical servers and consider installing it on all Windows 2000 systems.
Microsoft has issued an alert and a patch for the problem, available at: http://www.microsoft.com/technet/security/bulletin/MS01-013.asp
Microsoft said that the affected systems are Windows 2000 Professional, Windows 2000 Server, Windows 2000 Advanced Server and Windows 2000 Datacenter Server.
Recently, a major vulnerability was discovered in the software giant’s leading email client, Outlook.
