Microsoft works on NT security fix

Microsoft works on NT security fix

- Windows NT security teams are offering hot fixes for the "privilege elevation attack", a security flaw in NT that can grant system administrator's rights to any network user.

The program, called sechole.exe, was created by a group of programmers in India, according to Microsoft.

The program allows the user to gain debug-level access, said Karan Khanna, product manager for NT security at Microsoft.

"In order to run the program, you need to have a valid account on the system and local log-on rights," Khanna said. "Then you can run the program and elevate your privileges. It doesn't work remotely, so you cannot attack the system externally," he added.

When activated, the code seeks out the highest system-level authority possible for the malicious user, clearing a path for the user to gain system administrator status, Khanna said, leaving the network's confidential areas, passwords, and other sensitive information vulnerable.

Microsoft has posted hot fixes for Windows NT 3.51 and 4.0, and Windows NT Server 4.0 Terminal Server Edition, at

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.


Show Comments