Microsoft Windows 2000 Kernel Local Privilege Escalation Vulnerability

2006-08-08T00:00:00
ID SMNTC-19388
Type symantec
Reporter Symantec Security Response
Modified 2006-08-08T00:00:00

Description

Description

A local privilege-escalation vulnerability affects Microsoft Windows 2000. This vulnerability affects the Windows kernel; local attackers may exploit it to completely compromise an affected computer.

Technologies Affected

  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Advanced Server SP1
  • Microsoft Windows 2000 Advanced Server SP2
  • Microsoft Windows 2000 Advanced Server SP3
  • Microsoft Windows 2000 Advanced Server SP4
  • Microsoft Windows 2000 Datacenter Server
  • Microsoft Windows 2000 Datacenter Server SP1
  • Microsoft Windows 2000 Datacenter Server SP2
  • Microsoft Windows 2000 Datacenter Server SP3
  • Microsoft Windows 2000 Datacenter Server SP4
  • Microsoft Windows 2000 Professional
  • Microsoft Windows 2000 Professional SP1
  • Microsoft Windows 2000 Professional SP2
  • Microsoft Windows 2000 Professional SP3
  • Microsoft Windows 2000 Professional SP4
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Server SP1
  • Microsoft Windows 2000 Server SP2
  • Microsoft Windows 2000 Server SP3
  • Microsoft Windows 2000 Server SP4

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
Attackers require local access to exploit this vulnerability. Permit local access for trusted individuals only.

Microsoft has released a security bulletin to address this issue. Microsoft reported that the MS06-049 patch (920958) may corrupt NTFS compression files that are larger than 4 kilobytes. Microsoft recommends disabling NTFS compression as a workaround. Please refer to the attached security bulletin for more information.