Make Homepage | Add To Favorites | Print Page | Submit News | Feedback | Contact | 

Your Technical Computer Information Resource!  

  Technical Updates @ TACKtech Corp.  

06.13.2006 - MS06-011: Permissive Windows Services DACLs Could Allow Elevation of Privilege (914798) [v2.0 Re-Released]

View Microsoft related news. A privilege elevation vulnerability exists on Windows XP Service Pack 1 on the identified Windows services where the permissions are set by default to a level that may allow a low-privileged user to change properties associated with the service. On Windows 2003 permissions on the identified services are set to a level that may allow a user that belongs to the network configuration operators group to change properties associated with the service. Only members of the Network Configuration Operators group on the targeted machine can remotely attack Windows Server 2003, and this group contains no users by default. The vulnerability could allow a user with valid logon credentials to take complete control of the system on Microsoft Windows XP Service Pack 1.

V2.0 June 13, 2006: This update has been revised to include updated registry key values for the NetBT, RemoteAccess, and TCPIP services. These values have been modified to be the same as Windows XP Service Pack 2 on Windows XP Service Pack 1 systems, and the same as Windows 2003 Service Pack 1 on Windows 2003 systems with no service pack applied.

- Download Microsoft Windows XP SP1
- Download Microsoft Windows Server 2003
- Download Microsoft Windows Server 2003 for Itanium-based Systems
- View Microsoft Security Bulletin MS06-011
- View Microsoft Knowledge Base Article - 914798
- Visit Microsoft Corporation

NID: 10938 / Submitted by: TACKtech Team
Categories: Microsoft, Patches and Updates
Most recent Microsoft related news.
MS14-085 - Important: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126) - Version: 1.1
MS16-123 - Important: Security Update for Windows Kernel-Mode Drivers (3192892) - Version: 3.0
MS16-087 - Critical: Security Update for Windows Print Spooler Components (3170005) - Version: 2.0
MS16-095 - Critical: Cumulative Security Update for Internet Explorer (3177356) - Version: 3.0
MS16-039 - Critical: Security Update for Microsoft Graphics Component (3148522) - Version: 4.0
View archive of Microsoft related news.
  Popular Tech News  
  Most Viewed News  
  Top Affiliates