August 8, 2002
Microsoft denies Win32 API 'flaw'
PDAJames writes" "A couple of days ago, Chris Paget published a whitepaper showing how you could exploit a 'feature' of the Win32 API to elevate user priveleges. Paget thinks this is a major fault with the API, but Microsoft doesn't even acknowledge that it's a vulnerability, according to this story (at ZDNet UK). Is Microsoft right for once, or is it just more 'security through obscurity'?"