PDAJames writes” “A couple of days ago, Chris Paget published a whitepaper showing how you could exploit a ‘feature’ of the Win32 API to elevate user priveleges. Paget thinks this is a major fault with the API, but Microsoft doesn’t even acknowledge that it’s a vulnerability, according to this story (at ZDNet UK). Is Microsoft right for once, or is it just more ‘security through obscurity’?”
Category:
- C/C++
