[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <416D3C03.3000902@secnetops.com>
From: kf_lists at secnetops.com (KF_lists)
Subject: EEYE: Windows VDM #UD Local Privilege Escalation
ISS would like to have you believe otherwise... when I contacted them
about the Local SYSTEM escalation in BlackICE we went in circles over
the fact that I feel that taking local SYSTEM on a win32 box IS a
problem and they don't. They tryed to say some crap like "in all our
years in the industry we have never had a customer state that local
windows security was a concern... blah blah (paraphrasing)". And
something along the lines of "Windows is not a true multi-user system
(like unix) so local escalation means nothing."
-KF
> Also, at least in MS Windows, it's my personal feeling that local
> privilege escalation issues (particularly escalation to kernel or system
> status) should be critical issues. Whether people can run arbitrary
> code on MS Windows systems these days isn't an exercise for the mind
> anymore, it's an exercise of "go look at your neighbors computer and see
> that it's done regularly".
>
Powered by blists - more mailing lists