electric sheep - news - Windows NT/2000/XP/2003 Security Advisory:

Windows NT/2000/XP/2003 Security Advisory:

	A vulnerability has been reported in Windows, which can be exploited by malicious, local users to terminate certain privileged programs. The problem is that the "PostThreadMessage" API allows any program to send a "WM_QUIT", "WM_CLOSE", or "WM_DESTROY" message to another program's thread on the same desktop. This can be exploited by unprivileged users to close a personal firewall or other privileged application running on a system without having permissions to do so. Successful exploitation requires that the program's thread has a message queue, since the "PostThreadMessage" API will fail otherwise. A PoC (Proof of Concept) exploit is available. Solution: Grant only trusted users access to systems. Full Article: Secunia

© Copyright 2000-2003 Electric Sheep Inc. All Rights Reserved (electricsheep.us) (esheep.org) (elektrik-sheep.com)