Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: RE: Windows Vista Power Management & Local Security Policy

RE: Windows Vista Power Management & Local Security Policy

From: Abe Getchell <me_at_abegetchell.com>
Date: Tue, 22 Jul 2008 18:37:07 -0400

Correct. Power management in Windows Vista is apparently given a pass to
bypass local security policy, which is a bad thing, and sets a bad
precedence. I will leave it to others to exploit this security issue, given
that I know little about the programmatic aspect of power management in
Windows. There are people out there much more capable than me who, if they
feel it warranted, can research the issue further. I don't consider it, as
Jim Harrison would say, "wasting your time chasing things that 'might lead
to cats & dogs living together in sin'", but rather "security research" and
"sharing information". I don't consider Jim's reaction surprising at all,
though, as he works for Microsoft. 

--
Abe Getchell
me_at_abegetchell.com
https://abegetchell.com/
> -----Original Message-----
> From: James C. Slora Jr. [mailto:james.slora_at_phra.com]
> Sent: Tuesday, July 22, 2008 11:15 AM
> To: bugtraq_at_securityfocus.com
> Subject: RE: Windows Vista Power Management & Local Security Policy
> 
> So is this the bottom line?
> 
> This is a security mechanism bug that might lead to privilege
> escalation
> for arbitrary user processes. The OP has left it for others to
> determine
> exploitability.
>
Received on Jul 23 2008
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]