Windows Server 2008 Shown to Have Security-Design Problems

Cesar Cerrudo, founder and CEO of Argeniss Information Security, inParana, Argentina, says the weaknesses could lead to privilegeescalation attacks opens the door for a skilled hacker to take completecontrol of the operating system.

"[We found] from design issues that were not identified by Microsoftengineers during the Security Development Lifecycle (SDL), and allowsaccounts commonly used by Windows services — NETWORK SERVICE and LOCALSERVICE — to bypass new Windows services protection mechanisms andelevate privileges, Cerrudo explained.

Read the full article at eWEEK.