Make Homepage | Add To Favorites | Print Page | Submit News | Feedback | Contact | 

Your Technical Computer Information Resource!  
     
  Technical Updates @ TACKtech Corp.  

02.07.2003 - MS02-071: Flaw in Windows WM_TIMER Message Handling Can Enable Privilege Elevation (328310) - Updated



View Microsoft related news. Windows messages provide a way for interactive processes to react to user events (such as keystrokes or mouse movements) and communicate with other interactive processes. The WM_TIMER message is sent at the expiration of a timer, and it can be used to cause a process to run a timer callback function. This message may create a security vulnerability because it is possible for one process in the interactive desktop to use a WM_TIMER message to cause another process to run a callback function at the address of its choice, even if the second process did not set a timer. If that second process has higher privileges than the first process, this would provide the first process with a way of exercising the functions.

- Download Windows NT Patch
- View Microsoft Security Bulletin MS02-071
- View End User Security Bulletin
- View Microsoft Knowledge Base Article - 328310
- Visit Microsoft Corporation

NID: 521 / Submitted by: Travis
Categories: Microsoft, Patches and Updates
Most recent Microsoft related news.
MS17-013 - Critical: Security Update for Microsoft Graphics Component (4013075) - Version: 2.0
MS17-014 - Important: Security Update for Microsoft Office (4013241) - Version: 2.0
MS17-021 - Important: Security Update for Windows DirectShow (4010318) - Version: 2.0
MS16-037 - Critical: Cumulative Security Update for Internet Explorer (3148531) - Version: 2.0
MS17-013 - Critical: Security Update for Microsoft Graphics Component (4013075) - Version: 1.1
View archive of Microsoft related news.

Visit the TACKtech Shop
  Popular Tech News  
  Most Viewed News  
  Top Affiliates  
........