Windows hole discovered after 17 years - Update

"Microsoft isn't having an easy time of it these days. In addition to the unpatched hole in Internet Explorer, a now published hole in Windows allows users with restricted access to escalate their privileges to system level – and this is believed to be possible on all 32-bit versions of Windows from Windows NT 3.1 up to, and including Windows 7. While the vulnerability is likely to affect home users in only a minor way, the administrators of corporate networks will probably have their hands full this week.

"The problem is caused by flaws in the Virtual DOS Machine (VDM) introduced in 1993 to support 16-bit applications (real mode applications for 8086). VDM is based on the Virtual 8086 Mode (VM86) in 80386 processors and, among other things, intercepts hardware routines such as BIOS calls."

Complete Story

Related Stories:

• Update your Adobe software Now(Jan 16, 2010)
• Microsoft Admits Zero-Day Aided Google Attackers(Jan 15, 2010)
• Oracle Patches Two Dozen Flaws(Jan 14, 2010)
• Unreasonable Security Practices That Will Soon Be Even More Irrelevant(Jan 12, 2010)
• Firm to Release Database & Web Server 0days(Jan 12, 2010)
• Still waiting for a 64-bit Flash Player(Dec 30, 2009)
• Mean Time to Repair(Dec 29, 2009)
• Linux kernel vulnerabilities closed(Dec 10, 2009)