Vista Tutorial - Microsoft acknowledges Vista kernel elevation vulnerability

12-17-2007

http://www.neowin.net/news/main/07/1...-vulnerability

---

What was not supposed to happen in Windows Vista apparently has: Despite
a layer of protection that was supposed to prevent against processes
elevating their own privileges, Microsoft now says someone found a way
to do it.

A Microsoft security bulletin written earlier this week but publicized
this morning cites security software engineers SkyRecon Systems as
having discovered a way for processes in both 32- and 64-bit versions of
Windows Vista to elevate their own privilege to administrator level.
This discovery would likely be the latest in several months to thwart
the designs of PatchGuard, Microsoft's series of measures for innovating
the design of the operating system kernel in the interest of thwarting
the most common attacks that

12-17-2007

Its sad that there are some people who work 24/7 specifically to make life
difficult for computer users. No matter what is created to protect us, some
jackass is going to try to break it.

--
Mike Hall - MVP
http://msmvps.com/blogs/mikehall/default.aspx

"occam" <occam@xxxxxx> wrote in message
news:eEJRkJJQIHA.5360@xxxxxx

Quote:

> http://www.neowin.net/news/main/07/1...-vulnerability
>
> ---
>
> What was not supposed to happen in Windows Vista apparently has: Despite a
> layer of protection that was supposed to prevent against processes
> elevating their own privileges, Microsoft now says someone found a way to
> do it.
>
> A Microsoft security bulletin written earlier this week but publicized
> this morning cites security software engineers SkyRecon Systems as having
> discovered a way for processes in both 32- and 64-bit versions of Windows
> Vista to elevate their own privilege to administrator level. This
> discovery would likely be the latest in several months to thwart the
> designs of PatchGuard, Microsoft's series of measures for innovating the
> design of the operating system kernel in the interest of thwarting the
> most common attacks that

12-17-2007

"Mike Hall - MVP" <mikehall@xxxxxx> wrote in message
news:ec6G2nKQIHA.1208@xxxxxx

Quote:

> Its sad that there are some people who work 24/7 specifically to make life
> difficult for computer users. No matter what is created to protect us,
> some jackass is going to try to break it.

So you think the security software engineers at SkyRecon Systems are
jackasses?

ss.

12-19-2007

"Mike Hall - MVP" <mikehall@xxxxxx> wrote in message
news:ec6G2nKQIHA.1208@xxxxxx

Quote:

> Its sad that there are some people who work 24/7 specifically to make life
> difficult for computer users. No matter what is created to protect us,
> some jackass is going to try to break it.

Not everyone that does that wear black hats Mike. IIRC, some companies are
hired to do exactly what these people did. Identify the processes that are
broken. I know from personal experience that sometimes a set fresh eyes is
what you need to find and fix potential problems. If the white hat guys
don't...the black hats certainly WILL.

--
Ok, I admit it, I killed Barney!!
http://www.lockergnome.com/darksentinel
You know what to do with the munge

12-20-2007

I think his point is not that this group necessarily was doing
anything bad.
More so that resources need to be invested doing this sort of thing
because of those so intent on making computer use difficult.

If those with malicious intent stopped, computer use could be far
cheaper and easier since malware and prevention of would not be an
issue.
Resources could then be spent at nearly 100% to improving the computer
experience rather than so much just to protect from those whose
purpose is disruption.

--
Jupiter Jones [MVP]
http://www3.telus.net/dandemar

"DarkSentinel" <darkmungesentinel@xxxxxx> wrote in
message news:8FFF087C-BB80-4A6C-9D7B-8BA2C842ADD9@xxxxxx

Quote:

> "Mike Hall - MVP" <mikehall@xxxxxx> wrote in message
> news:ec6G2nKQIHA.1208@xxxxxx

Quote:

>> Its sad that there are some people who work 24/7 specifically to
>> make life difficult for computer users. No matter what is created
>> to protect us, some jackass is going to try to break it.

>
> Not everyone that does that wear black hats Mike. IIRC, some
> companies are hired to do exactly what these people did. Identify
> the processes that are broken. I know from personal experience that
> sometimes a set fresh eyes is what you need to find and fix
> potential problems. If the white hat guys don't...the black hats
> certainly WILL.
>
> --
> Ok, I admit it, I killed Barney!!
> http://www.lockergnome.com/darksentinel
> You know what to do with the munge
>
>

12-21-2007

"Jupiter Jones [MVP]" <jones_jupiter@xxxxxx> wrote in message
news:ulIizj3QIHA.1212@xxxxxx

Quote:

> I think his point is not that this group necessarily was doing anything
> bad.
> More so that resources need to be invested doing this sort of thing
> because of those so intent on making computer use difficult.
>
> If those with malicious intent stopped, computer use could be far cheaper
> and easier since malware and prevention of would not be an issue.
> Resources could then be spent at nearly 100% to improving the computer
> experience rather than so much just to protect from those whose purpose is
> disruption.

Oh I agree 100%. I always wonder what these people could do if they put
their minds to it. As good as I am on the hardware and network side, I'd
like to be that good on the programming side.

--
Ok, I admit it, I killed Barney!!
http://www.lockergnome.com/darksentinel
You know what to do with the munge

12-17-2007	#1 (permalink)
occam Guest n/a posts	Microsoft acknowledges Vista kernel elevation vulnerability http://www.neowin.net/news/main/07/1...-vulnerability --- What was not supposed to happen in Windows Vista apparently has: Despite a layer of protection that was supposed to prevent against processes elevating their own privileges, Microsoft now says someone found a way to do it. A Microsoft security bulletin written earlier this week but publicized this morning cites security software engineers SkyRecon Systems as having discovered a way for processes in both 32- and 64-bit versions of Windows Vista to elevate their own privilege to administrator level. This discovery would likely be the latest in several months to thwart the designs of PatchGuard, Microsoft's series of measures for innovating the design of the operating system kernel in the interest of thwarting the most common attacks that
My System Specs

12-17-2007	#2 (permalink)
Mike Hall - MVP Guest n/a posts	Re: Microsoft acknowledges Vista kernel elevation vulnerability Its sad that there are some people who work 24/7 specifically to make life difficult for computer users. No matter what is created to protect us, some jackass is going to try to break it. -- Mike Hall - MVP http://msmvps.com/blogs/mikehall/default.aspx "occam" <occam@xxxxxx> wrote in message news:eEJRkJJQIHA.5360@xxxxxx Quote: > http://www.neowin.net/news/main/07/1...-vulnerability > > --- > > What was not supposed to happen in Windows Vista apparently has: Despite a > layer of protection that was supposed to prevent against processes > elevating their own privileges, Microsoft now says someone found a way to > do it. > > A Microsoft security bulletin written earlier this week but publicized > this morning cites security software engineers SkyRecon Systems as having > discovered a way for processes in both 32- and 64-bit versions of Windows > Vista to elevate their own privilege to administrator level. This > discovery would likely be the latest in several months to thwart the > designs of PatchGuard, Microsoft's series of measures for innovating the > design of the operating system kernel in the interest of thwarting the > most common attacks that
My System Specs

12-17-2007	#3 (permalink)
Synapse Syndrome Guest n/a posts	Re: Microsoft acknowledges Vista kernel elevation vulnerability "Mike Hall - MVP" <mikehall@xxxxxx> wrote in message news:ec6G2nKQIHA.1208@xxxxxx Quote: > Its sad that there are some people who work 24/7 specifically to make life > difficult for computer users. No matter what is created to protect us, > some jackass is going to try to break it. So you think the security software engineers at SkyRecon Systems are jackasses? ss.
My System Specs

12-19-2007	#4 (permalink)
DarkSentinel Guest n/a posts	Re: Microsoft acknowledges Vista kernel elevation vulnerability "Mike Hall - MVP" <mikehall@xxxxxx> wrote in message news:ec6G2nKQIHA.1208@xxxxxx Quote: > Its sad that there are some people who work 24/7 specifically to make life > difficult for computer users. No matter what is created to protect us, > some jackass is going to try to break it. Not everyone that does that wear black hats Mike. IIRC, some companies are hired to do exactly what these people did. Identify the processes that are broken. I know from personal experience that sometimes a set fresh eyes is what you need to find and fix potential problems. If the white hat guys don't...the black hats certainly WILL. -- Ok, I admit it, I killed Barney!! http://www.lockergnome.com/darksentinel You know what to do with the munge
My System Specs

12-20-2007	#5 (permalink)
Jupiter Jones [MVP] Guest n/a posts	Re: Microsoft acknowledges Vista kernel elevation vulnerability I think his point is not that this group necessarily was doing anything bad. More so that resources need to be invested doing this sort of thing because of those so intent on making computer use difficult. If those with malicious intent stopped, computer use could be far cheaper and easier since malware and prevention of would not be an issue. Resources could then be spent at nearly 100% to improving the computer experience rather than so much just to protect from those whose purpose is disruption. -- Jupiter Jones [MVP] http://www3.telus.net/dandemar "DarkSentinel" <darkmungesentinel@xxxxxx> wrote in message news:8FFF087C-BB80-4A6C-9D7B-8BA2C842ADD9@xxxxxx Quote: > "Mike Hall - MVP" <mikehall@xxxxxx> wrote in message > news:ec6G2nKQIHA.1208@xxxxxx Quote: >> Its sad that there are some people who work 24/7 specifically to >> make life difficult for computer users. No matter what is created >> to protect us, some jackass is going to try to break it. > > Not everyone that does that wear black hats Mike. IIRC, some > companies are hired to do exactly what these people did. Identify > the processes that are broken. I know from personal experience that > sometimes a set fresh eyes is what you need to find and fix > potential problems. If the white hat guys don't...the black hats > certainly WILL. > > -- > Ok, I admit it, I killed Barney!! > http://www.lockergnome.com/darksentinel > You know what to do with the munge > >
My System Specs

12-21-2007	#6 (permalink)
DarkSentinel Guest n/a posts	Re: Microsoft acknowledges Vista kernel elevation vulnerability "Jupiter Jones [MVP]" <jones_jupiter@xxxxxx> wrote in message news:ulIizj3QIHA.1212@xxxxxx Quote: > I think his point is not that this group necessarily was doing anything > bad. > More so that resources need to be invested doing this sort of thing > because of those so intent on making computer use difficult. > > If those with malicious intent stopped, computer use could be far cheaper > and easier since malware and prevention of would not be an issue. > Resources could then be spent at nearly 100% to improving the computer > experience rather than so much just to protect from those whose purpose is > disruption. Oh I agree 100%. I always wonder what these people could do if they put their minds to it. As good as I am on the hardware and network side, I'd like to be that good on the programming side. -- Ok, I admit it, I killed Barney!! http://www.lockergnome.com/darksentinel You know what to do with the munge
My System Specs

Similar Threads
Thread	Forum
Vulnerability in Microsoft Server Message Block implementation [Vista most at Risk!]	System Security
Microsoft Confirms Attacks Targeting Critical 0-Day Office Excel Vulnerability	System Security
Kernel vulnerability found in Vista	Vista News
Sinofsky acknowledges Vista UAC is a problem, Windows 7 adds options	Vista General
Microsoft replaces Vista kernel in SP1	Vista General