Security experts have discovered a fault in Microsoft's flagship operating system Windows 2000 that could allow a malicious user to hijack a system and perform any operation they wish. The flaw with the Windows 2000 Event Viewer, which logs details of activity on a Windows 2000 system, could allow an ordinary user to carry out privileged system commands, Microsoft has confirmed.
Exploiting the vulnerability, a malicious user could write a specially formatted event to the Event Viewer, which would execute unauthorised code when the log is next viewed. If the next user to view the log is an administrator, super-user commands can be carried out.
The one mitigating aspect of the vulnerability is that the malicious user must already have access to a target computer system.
"It is not as significant as a wide-ranging vulnerability that could be exploited remotely," said Ian Peacock, security consultant with Swedish computer security firm Defcom. "But companies definitely need to patch this."
Microsoft has issued an alert and a patch for the problem available at: http://www.microsoft.com/technet/security/bulletin/MS01-013.asp
Microsoft said that the affected systems are Windows 2000 Professional, Windows 2000 Server, Windows 2000 Advanced Server and Windows 2000 Datacenter Server.
This is just the latest security flaw to affect Microsoft. A major vulnerability was recently discovered with the software giant's leading email client Outlook.
