MS04-024: Vulnerability in Windows Shell Could Allow Remote Code Execution (839645)

Tuesday, July 13, 2004

Another example of why it’s a bad idea to run as an administrator on a day-to-day basis:

This update resolves a newly-discovered, publicly reported vulnerability. A remote code execution vulnerability exists in the way that the Windows Shell launches applications. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. However, significant user interaction is required to exploit this vulnerability. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.

[Microsoft Security Bulletins]

True. :)

You can also use a decent browser like Firefox. :)

Frans Bouma - Tuesday, July 13, 2004 7:50:00 PM

Frans,

1. This isn't a browser issue, it is a Windows issue.

2. The patch that prevents Firefox from exploiting this issue is not even a week old. Simply using a better browser doesn't prevent OS-level security issues completely.

Shannon J Hager - Tuesday, July 13, 2004 8:23:00 PM

2 Comments