• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows Kernel Unchecked LPC Buffer Privilege Escalation Vulnerability

Microsoft Windows is prone to a locally exploitable privilege escalation vulnerability. This is reportedly due to an unchecked buffer that is exposed through the LPC (Local Procedure Call) interface in the Windows kernel.

Successful exploitation would permit a local attacker to compromise the vulnerable computer.

The vendor has stated that this issue may likely only result in a denial of service on Windows XP SP2 and Windows Server 2003 platforms. This may be due to buffer overflow protection features included in these platforms. It is possible that a skilled attacker could bypass these security measures.

It is noted that the vulnerability is present in an API, so any applications or libraries that rely on the API may be exposed to this issue.