X
Home & Office
Home Home & Office Networking

US Report: Security bug found in NT

A bug that allows users on a Windows NT network to usurp the privileges of a system administrator, could give other users more access to the system allowing them to alter the system and change passwords.
Written by Matthew Broersma, Contributor

The bug, discovered recently by an Indian team and reported Friday to Microsoft by Mark Edwards, a security consultant, has the same effects as a bug discovered last year, but Microsoft spokespeople say the two bugs are unrelated. Microsoft says it will release a fix Monday evening.

Despite the potential harm that could be inflicted by someone who takes advantage of such a flaw, the software giant downplayed the security risks of the new bug. A Microsoft official emphasised the hole can only be exploited by a user with an account on, and physical access to, a local network run on Windows NT. Microsoft also denied that the "issue" could be taken advantage of over the Internet. "It's automatically limited in scope," said Karan Khanna, product manager with the Windows NT security group. "You have to have a valid user account, and if you have [that]... you have to have local rights and physical access."

The flaw is activated by a piece of software a user can run after logging onto an NT network locally. A security hole discovered last year also allowed users to impersonate system administrator privileges, but that bug operated in completely different fashion, Khanna said.

Editorial standards
Show Comments

Related

Anker Solix X1

Not into the Tesla Powerwall? You can now buy the Anker Solix X1

pxl-20240424-181716738

Facebook's Meta AI is lying when it says you can disable it - but here's what you can do

Placeholder product image alt text

The best AI image generators to try right now