Borklog: One entry

20 August 2002

Woo hoo! A whole new class of Windows exploits, supposedly "a flaw so great that it would threaten national security if windows source code were to be disclosed". The gist of the flaw is that any running desktop program can send messages (events) to any other program without any kind of authentication. In this particular case, the author tricked VirusScan into executing arbitrary code and ended up elevating his privileges.