Back to Top

Saturday, December 16, 2006

Undisclosed Microsoft bug

Over at the eEye research site you can read a worrying and little confusing advisory (how can something be a local privilege escalation and a remote code execution attack at the same time?). I'm eagerly awaiting more details about this. In the mean time, don't forget to subscribe to their Zero-Day tracker.

Update: I don't know if this is the same, but SANS pointed me to this Microsoft advisory: MS06-075 - Vulnerability in Windows Could Allow Elevation of Privilege.

Update to the update: maybe it isn't the same because SANS points out that this was patched in the last round of updates and the eEye advisory refers to something unpatched.


Post a Comment

You can use some HTML tags, such as <b>, <i>, <a>. Comments are moderated, so there will be a delay until the comment appears. However if you comment, I follow.