Make Homepage | Add To Favorites | Print Page | Submit News | Feedback | Contact | 

Your Technical Computer Information Resource!  
     

  Technical Updates @ TACKtech Corp.  

04.30.2003 - MS02-071: Flaw in Windows WM_TIMER Message Handling Can Enable Privilege Elevation (328310) - Updated



View Microsoft related news. Windows messages provide a way for interactive processes to react to user events (such as keystrokes or mouse movements) and communicate with other interactive processes. The WM_TIMER message is sent at the expiration of a timer, and it can be used to cause a process to run a timer callback function. This message may create a security vulnerability because it is possible for one process in the interactive desktop to use a WM_TIMER message to cause another process to run a callback function at the address of its choice, even if the second process did not set a timer. If that second process has higher privileges than the first process, this would provide the first process with a way of exercising the functions.

- Download Windows NT Patch (03.17.2003)
- View Microsoft Security Bulletin MS02-071
- View End User Security Bulletin
- View Microsoft Knowledge Base Article - 328310
- Visit Microsoft Corporation

NID: 692 / Submitted by: TACKtech Team
Categories: Microsoft, Patches and Updates
Most recent Microsoft related news.
MS14-085 - Important: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126) - Version: 1.1
MS16-123 - Important: Security Update for Windows Kernel-Mode Drivers (3192892) - Version: 3.0
MS16-087 - Critical: Security Update for Windows Print Spooler Components (3170005) - Version: 2.0
MS16-095 - Critical: Cumulative Security Update for Internet Explorer (3177356) - Version: 3.0
MS16-039 - Critical: Security Update for Microsoft Graphics Component (3148522) - Version: 4.0
View archive of Microsoft related news.
  Popular Tech News  
  Most Viewed News  
  Top Affiliates  
.....