Re: EEYE: Windows VDM #UD Local Privilege Escalation
From: Barry Fitzgerald <bkfsec () sdf lonestar org>
Date: Wed, 13 Oct 2004 10:50:49 -0400
ISS would like to have you believe otherwise... when I contacted them
about the Local SYSTEM escalation in BlackICE we went in circles over
the fact that I feel that taking local SYSTEM on a win32 box IS a
problem and they don't. They tried to say some crap like "in all our
years in the industry we have never had a customer state that local
windows security was a concern... blah blah (paraphrasing)". And
something along the lines of "Windows is not a true multi-user system
(like unix) so local escalation means nothing."
*feigned look of surprise*
Then how do they explain trojan horses, adware, and spyware?!?
Full-Disclosure - We believe in it.