Microsoft has admitted that its Windows debugging facility is itself subject to a security bug.

In an advisory issued yesterday, Microsoft admitted the authentication mechanism for the debugging facility is flawed in a way that allows unauthorised programs to gain access to the debugger.

The upshot of this is, providing an attacker can log-in to a target machine - and that's a big if - a cracker can screw your Windows box six ways to Sunday.

If they obtain access either directly to a console or through a terminal session, crackers might be able to run code of their choice. Microsoft suggests a few possibilities might include "deleting data, adding accounts with administrative access, or reconfiguring the system" (isn't all this built into XP anyway? - Ed).

No surprise then that Microsoft describes a patch it has issued to fix the flaw as of "critical" importance for client systems. You can find more information on the problem, and links to the patch here (http://www.microsoft.com/technet/security/bulletin/MS02-024.asp).

TechNote

The Windows debugging facility "provides a means for programs to perform diagnostic and analytic functions on applications as they are running on the operating system," Microsoft explains.

"One of these capabilities allows for a program, usually a debugger, to connect to any running program, and to take control of it. The program can then issue commands to the controlled program, including the ability to start other programs." ®

External Links

here (http://www.microsoft.com/technet/security/bulletin/MS02-024.asp)

Related Stories

MS IE patch misses the mark (http://www.theregister.co.uk/content/55/25326.html)
SQL server worm throttles bandwidth (http://www.theregister.co.uk/content/55/25392.html)
Kill the MSN Messenger (http://www.theregister.co.uk/content/55/25209.html)
MS Word runs malicious e-mail scripts (http://www.theregister.co.uk/content/55/25033.html)