Microsoft: 32-Bit Windows Kernel Has Hole
A warning to all VARs supporting customers that use any 32-bit Windows version hailing all the way back to Windows 2000: There’s a flaw in the kernel. But don’t press the panic button. Here are some details to put you (and your customers) at ease.
Basically, there’s a hole in the 32-bit kernel. What does that mean exactly? In theory, someone could install programs, manipulate data or mess with user account with full rights. It sounds scary, but it’s actually kind of lo- key. Even though Windows 7, Vista, XP and 2K (including their server counterparts) are affected, it’s hard to exploit without you already having super-lax security.
To perform the exploit, you’d need to already have access to the computer — and local access at that. So either someone internally would be performing exploit, or you, the user, forgot to lock your screen. Once the hacker is in, however, s/he could take it’s own account (or yours) and upgrade it to Admin access, letting the hacker do whatever s/he wants.
According to CNET:
Jerry Bryant, senior security program manager at Microsoft, said there isn’t anyone out there actively prodding at this security hole. “We are not currently aware of any active attacks against this vulnerability, and Microsoft believes the risk to customers, at this time, is limited…”
To be on the safe side, Microsoft will (of course) be releasing a patch. For the time being, there’s a Microsoft sanctioned workaround disabling the Windows Virtual DOS Machine (NTVDM) subsystem. It closes the hole, and for most users it’s not that big of a deal, since it’s essentially software that lets Windows run DOS and 16-bit Windows software.
And for all you out there using 64-bit versions of Windows, you’re in the clear.