TUCoPS :: Windows Apps :: sb5869.htm

Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation
12th Dec 2002 [SBWID-5869]
COMMAND

	Flaw  in  Windows  WM_TIMER  Message  Handling  Could  Enable  Privilege
	Elevation

SYSTEMS AFFECTED

	 Microsoft Windows NT 4.0 
	 Microsoft Windows NT 4.0, Terminal Server Edition 
	 Microsoft Windows 2000 
	 Microsoft Windows XP 
	

PROBLEM

	From Microsoft Security Bulletin [MS02-071] available at :
	
	http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-071.asp
	
	
	"it's possible for one process in  the  interactive  desktop  to  use  a
	WM_TIMER  message  to  cause  another  process  to  execute  a  callback
	function at the address of its choice, even if the  second  process  did
	not set a timer. If that second process had higher privileges  than  the
	first, this would provide the first process with  a  way  of  exercising
	them. "

SOLUTION

	See, http://www.microsoft.com/security/security_bulletins/ms02-071.asp

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH