Microsoft warns of Windows 2000 security hole

Summary:Flaw allows a user to gain new privileges on a computer network

Security experts have discovered a fault in Microsoft's flagship operating system Windows 2000 that could allow a malicious user to hijack a system and perform any operation they wish.

The flaw with the Windows 2000 Event Viewer -- which logs details of activity on a Windows 2000 system -- could allow an ordinary user to carry out privileged system commands, Microsoft has confirmed.

Exploiting the vulnerability, a malicious user could write a specially formatted event to the Event Viewer, which would execute unauthorised code when the log is next viewed. If the next user to view the log is an administrator, super-user commands can be carried out.

The one mitigating aspect of the vulnerability is that the malicious user must already have access to a target computer system.

"It is not as significant as a wide-ranging vulnerability that could be exploited remotely," said Ian Peacock, security consultant with Swedish computer security firm Defcom. "But companies definitely need to patch this."

Microsoft has issued an alert and a patch for the problem available at: http://www.microsoft.com/technet/security/bulletin/MS01-013.asp.

Microsoft said that the affected systems are Windows 2000 Professional, Windows 2000 Server, Windows 2000 Advanced Server and Windows 2000 Datacenter Server.

This is just the latest security flaw to affect Microsoft. A major vulnerability was recently discovered with the software giant's leading email client Outlook.

Take me to Hackers

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read what others have said.

Topics: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.