Spyware Doctor
Spyware Doctor with AntiVirus
PC Tools AntiVirus
PC Tools Internet Security
PC Tools Firewall Plus
ThreatFire
Spam Monitor
Registry Mechanic
Desktop Maestro
File Recover
Privacy Guardian
Spyware Doctor Enterprise
Help me choose
Flaw in Windows 2000 Network Connection Manager New
A security vulnerability exists in the Windows 2000 Network Connection Manager which could allow an unprivileged user to run code of their choice with full system privileges.
Issue
The Network Connection Manager (NCM) provides a controlling mechanism for all network connections managed by a host system. Among the functions of the NCM is to call a handler routine whenever a network connection has been established.
By design, this handler routine should run in the security context of the user. However, a flaw could make it possible for an unprivileged user to cause the handler routine to run in the security context of LocalSystem, though a very complex process. An attacker who exploited this flaw could specify code of his or her choice as the handler, then establish a network connection in order to cause that code to be invoked by the NCM. The code would then run with full system privileges.
Affected Products
- Microsoft Windows 2000
Download
Patch: http://www.microsoft.com/downloads/Release.asp?ReleaseID=41406
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: August 14, 2002
>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<
