Microsoft Vista Flaw Rated 'Less Critical'

A vulnerability that affects four of Microsoft’s operating systems, including Vista, doesn’t appear to pose a great risk, according to one security vendor.

Microsoft’s security blog said proof-of-concept code has been publicly released that targets the Client-Server Runtime Subsystem (CSRSS), which performs functions such as launching and closing applications.

A user could launch malicious code within the CSRSS that would elevate one’s privileges on a computer, such as going from an ordinary user to an administrator, said Thomas Kristensen, chief technology officer for Secunia in Denmark. Microsoft Vista Flaw Rated ‘Less Critical’ - Security Feed - News - CSO Magazine

Linked by shanmuga Tuesday, 26th December 2006 11:39PM