Reported July 9, 2003, by Microsoft.

 

VERSIONS AFFECTED

 

  • Microsoft Windows 2000

 

DESCRIPTION

 

A new vulnerability exists in Microsoft Windows 2000 that could result in system compromise via privilege escalation. This vulnerability stems from a flaw in the way that Utility Manager handles Windows messages. By default, the Utility Manager contains controls that run in the interactive desktop with Local System privileges. A potential attacker with the ability to log on to the system interactively could run a program that could send a specially crafted Windows message upon the Utility Manager process, causing it to take any action the attacker specified. This would give the attacker complete control over the system.

 

 

VENDOR RESPONSE

 

Microsoft has released Security Bulletin MS03-025, "Flaw in Windows Message Handling through Utility Manager Could Enable Privilege Elevation (822679)" to address this vulnerability and recommends that affected users immediately apply the patch mentioned in the bulletin.

 

CREDIT

Discovered by Chris Paget of Next Generation Security Software Ltd.