Reported July 9, 2003, by Microsoft.




  • Microsoft Windows 2000




A new vulnerability exists in Microsoft Windows 2000 that could result in system compromise via privilege escalation. This vulnerability stems from a flaw in the way that Utility Manager handles Windows messages. By default, the Utility Manager contains controls that run in the interactive desktop with Local System privileges. A potential attacker with the ability to log on to the system interactively could run a program that could send a specially crafted Windows message upon the Utility Manager process, causing it to take any action the attacker specified. This would give the attacker complete control over the system.





Microsoft has released Security Bulletin MS03-025, "Flaw in Windows Message Handling through Utility Manager Could Enable Privilege Elevation (822679)" to address this vulnerability and recommends that affected users immediately apply the patch mentioned in the bulletin.



Discovered by Chris Paget of Next Generation Security Software Ltd.